News Stay informed about the latest enterprise technology news and product updates.

Secunia Supplies Continuing Reminders of the Interesting State of Software Security

I run Secunia PSI on all of my networked PCs (which means “all my PCs,” in fact). Every now and then, the program smacks me with forcible reminders of how interesting it can be for network admins to keep up with an ever-changing landscape of patches, fixes, and updates.

As the updates hit, my synch level has had some misses lately

As the updates hit, my synch level has had some misses lately

Two cases in point on my production PC this morning:

  • Secunia informed me that my Citrix WebApp plug-in was out of date and that a newer version was available. But because I’m not a licensed Citrix user at present (I was working as a contractor for a chemical company last year, and got the plug-in from them so I could use their VPN) I wasn’t able to download the latest version (no license, no access, as is perfectly understandable). I ended up having to find the directory in which the plug-in resided, and then having to manually delete same, to clear the warning on my machine. No big deal: I’m not using it anymore anyway.
  • Secunia also let me know that a new version of Chrome 10.x was out (and wow! the first one only shipped last week: those Google guys move fast!). I clicked the About menu entry in the program and it informed me that Chrome was up-to-date. So I had to go to the Chrome download page, then download and install the latest version to clear that warning.

It just goes to show you that when it comes to keeping up with software updates, it’s not always a push-button, completely automated affair. Sure, Secunia will indeed update lots of stuff for you, but there’s always something that automation doesn’t catch (my lack of Citrix download access on the one hand, and Chrome’s refusal to recognize it needed updating on the other). That’s when an admin has to step in, figure out what’s broke, and fix it the old fashioned way: diagnosis, analysis, repair, and post-assessment. I guess we should all be glad: otherwise, somebody in Pune or Hyderabad would be taking care of my machines for me, and I’d be out of a job.

[Note to the wonderful folks at Secunia, whose PSI is a real Godsend to me: my final remark about being out of a job is purely metaphorical, all my systems are in my home, and not part of a commercial enterprise. Please! Don’t take my licenses away.]

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Ed, Are you using Secunia PSI version 2.0? And you could have kept your Citrix application if you had out it's folder name into an Ignore Rule. Regards Graham
OOPS - sorry "...if you had [B]put [/B]it’s folder name into an Ignore Rule.
Dear Graham: You are correct to observe that Secunia permits users to create "ignore rules" on an application-by-application basis. But because I'm not using the Citrix remote access software and I can't legally obtain an updated and secure version of the program for my production PC, I actually [B]prefer[/B] to remove it from that machine. I understand that a program I'm not using can't easily pose a security threat, but to me, the whole point of using Secunia is to keep up with what's current. Thus, Secunia's warning served me as a reminder to get rid of something I don't use and thus don't need. And that's why I got rid of it! Hope that makes sense to you: it certainly does to me! Thanks for the posting and the feedback, --Ed--