8:40 CET, 13th September 2010 By Secunia.
Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test.
Alongside the failure of security software to detect an exploit or a piece of malicious software, missing patches remain a significant reason why computers become infected with bad code. Cyber criminals are increasingly probing third-party applications to find a way to take over computers.
Secunia looked at the top 50 programs used by its more than two million users. Twenty-six of those programs are made by Microsoft, which uses an auto-update mechanism to distribute patches on the second Tuesday of the month. Of the 420 or so vulnerabilities found in those 50 programs in 2009, about 35 percent of those were Microsoft programs, said Stefan Frei, research analyst director for the company.
The rest were in third-party applications from Adobe Systems, Apple and others, which use up to 13 different update mechanisms for the remaining 65 percent of vulnerabilities found in the 24 applications, Frei said.
Many of those applications have auto-update mechanisms, but none have uniform schedules for checking for new patches, Frei said. That leaves a window of opportunity for cybercriminals.
"This clearly shows why cybercrime is happening," Frei said. "They [cyber criminals] don't need Microsoft."
To read the rest of the article, visit Infoworld at: Secunia security program automatically tracks down, applies patches