Frequently Asked Questions

Running and scanning with the Secunia PSI

The Secunia PSI is stuck at "Verifying Internet connection..." and won't start. What can I do?
How do I update my programs with the Secunia PSI?
Why am I experiencing 100% CPU utilization when it comes to the "Checking for Microsoft Updates" part of the inspection?
I finished scanning with the Secunia PSI and one of my programs is not being detected. How can I add it to your database?

Updating your software

Microsoft Update says my Windows files are up to date, but the Secunia PSI is still reporting my software as insecure. What should I do?
I know there is a newer version of a program available, but the PSI is not offering the update. Why not?
My default browser is not Internet Explorer, but some links in the PSI open in Internet Explorer. Why is that?
The Secunia PSI says "An error occurred while attempting to open the specified URL" when I click links. How can I solve this?
What is the difference between the Secunia PSI and the Online Software Inspector (the 'OSI')?
What is the difference between the Secunia PSI and the Secunia CSI (for enterprise networks)?
How often do you update version rules?
Can I use the Secunia PSI even when I am not connected to the Internet?
How can I suggest a feature or report an error in the Secunia PSI?
I have updated one of my programs, but an older version is still being detected by the PSI. What can I do about this?

Difference between the Secunia PSI 3.0 and older versions

I need some of the features of the 2.x or 1.x version. Will you bring them back?
Can I still use the older versions?

Troubleshooting the Secunia PSI

Which information should I include when requesting support for the PSI 2.x and 1.x branches?
I cannot get the Secunia PSI to work on a system using a proxy. Why is this?

Secunia PSI technology

How does the scan engine work?
What is the Secunia Packaging System (SPS) and how does it work?

Running and scanning with the Secunia PSI

The Secunia PSI is stuck at "Verifying Internet connection..." and won't start. What can I do?
The Secunia PSI needs to be able to connect to Secunia's servers to complete a scan. To make this possible, you may need to change some of your Internet options.
To do this:
1. Open the control panel.
2. Open Internet Options > Security tab. In Windows7/Vista you may need to click Network and Internet to access the Internet Options.
3. Select the Internet zone and click Custom Level.
4. In Security Settings, go to the Scripting > Active Scripting option.
5. Make sure that Active Scripting is enabled (rather than Disabled or Prompted).
6. Click OK then Yes.
7. Back in the Security tab, select the Trusted Sites zone and click Sites.
8. Type in the following and click Add to add it to the Trusted Sites list: https://*.secunia.com.
9. Click Close then OK.
10. Run the Secunia PSI again to view the scan results.
11. How do I update my programs with the Secunia PSI?
  The Secunia PSI interface will show you all detected insecure programs on your machine. Many commonly used programs can be automatically updated, and the only necessary action when it comes to them will be clicking them to select which language should be installed. For auto-upgradable programs without localisation options, no actions are required.
  
  For those programs that cannot be auto-updated, use the "Click to update". With most popular programs, this will silently install a Secunia SPS package. For more information on SPS, please see this section of our FAQ. For programs that do not yet have an SPS installer, you can then proceed with the installation as usual.
12. Why am I experiencing 100% CPU utilization when it comes to the "Checking for Microsoft Updates" part of the inspection?
  To inspect for missing Microsoft Updates, the Secunia PSI runs the Automatic Update service, which causes an instance of the svchost.exe file to execute. Under some circumstances, such as if you have a certain Windows hotfix installed, this can lead the svchost.exe file to stop responding. This is a known Windows issue that has a resolution. You can read more about it in this Microsoft Support article.
13. I finished scanning with the Secunia PSI and one of my programs is not being detected. How can I add it to your database?
  When filing a software suggestion, it is critical to select a file that matches the programs actual version number. Typically, the real program number can be found on the programs "About" tab.
  
  To suggest new software for the Secunia PSI 2.x series, go to the Scan Results page and click the "Are you missing a program?..." button, then proceed to select a file for investigation by Secunia.
  
  In order to do this for the Secunia PSI 1.x series, click "Program missing?..." at the bottom of the Insecure, End-of-Life or patched tabs in Advanced interface mode, and select a file.
  
  To suggest a new program in the Secunia PSI 3.x Beta, first run a full rescan. Then, click "Show Programs". To the right of your currently detected programs (The Up-to-date programs category) you will find the "Add Program" button. You can then select a file to suggest.
  
  Secunia usually process software suggestions within a few days, although exceptions may apply. If you provide an email address when suggesting software from the 2.x branch, we can inform you when the software has been added or explain why your suggestion was not processed if that is the case.
Updating your software
1. Microsoft Update says my Windows files are up to date, but the Secunia PSI is still reporting my software as insecure. What should I do?
  When upgrading Windows you will frequently be required to reboot, or the updates may be installed over several turns. To ensure you are really up to date, try following this procedure:
  1. Check Microsoft Update, install all patches marked as 'critical'
  2. Reboot your system
  3. Repeat step 1, and go to step 2 if anything was installed at this step (repeat as needed)
  4. Run a full rescan with the Secunia PSI
2. I know there is a newer version of a program available, but the Secunia PSI is not offering the update. Why not?
  Vendors release new versions of a program for many reasons, and many newer releases don't contain security fixes. It is important to understand that the Secunia PSI is not a general update checker, but rather a security patch checker.
  
  The implication of this is that whenever the Secunia PSI offers you an update, that update will fix a specific, known security vulnerability.
  
  In these cases, Secunia recommend that you read the vendor release notes to determine if you prefer to install the update or not.
3. My default browser is not Internet Explorer, but some links in the Secunia PSI open in Internet Explorer. Why is that?
  Some links are set by the Secunia PSI to open in Internet Explorer. This is because Microsoft Update does not work properly when opened by a browser other than Internet Explorer.
  
  For information on how the Secunia PSI determines which browser to use, please see the FAQ entry on default browsers (Here).
4. The Secunia PSI says "An error occurred while attempting to open the specified URL" when I click links. How can I solve this?
  This error occurs because the registry key specifying your default browser is not properly set. To solve it, try setting your preferred browser as default again.
  
  If this has not resolved the problem, you can examine the registry key the Secunia PSI uses to determine your default browser. To see this key, open the Registry Editor by typing "regedit" in the box that appears by clicking "Run" in the start menu on Windows XP, or in the start menu search field for Windows Vista & 7.
  
  Then navigate with regedit to "HKEY_CLASSES_ROOT\HTTP\shell\open\command". This registry key configures your default browser, and the program specified here is what the Secunia PSI is having problems executing. Verify that the path points to your preferred browser, and that the browser indicated has not been removed and is still functional.
  
  These are some typical registry keys from the most used browsers known to work with the Secunia PSI as an example. Please note that these examples are provided only as a courtesy, and Secunia does not officially recommend changing your registry to any of these values.
  1. Internet Explorer
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
  2. Internet Explorer 32-bit on Windows 64-bit
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
  3. Mozilla Firefox
    "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url
  4. Mozilla Firefox on Windows 64-bit
    "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
  5. Opera
    "C:\Program Files\Opera\Opera.exe" "%1"
  6. Opera 32-bit on 64-bit Windows
    "C:\Program Files (x86)\Opera\Opera.exe" "%1"
  7. Google Chrome
    "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1"
    "Administrator" should be replaced with your username for this to work
  8. Apple Safari
    "C:\Program Files\Safari\Safari.exe" -url "%1"
  9. Apple Safari 32-bit on 64-bit Windows
    "C:\Program Files (x86)\Safari\Safari.exe" -url "%1"
  Please be aware that modifying or deleting the wrong registry key can effectively break your system. If you are not comfortable working with the registry, it is recommended that you request assistance on our community forum.
5. What is the difference between the Secunia PSI and the Secunia OSI (Online Software Inspector)?
  The Secunia OSI identifies a few dozen of the most common applications, while the Secunia PSI can identify thousands. In addition, the OSI is in a web browser, while the Secunia PSI is downloaded and installed.
  
  Furthermore, the Secunia PSI has a range of features not found in the OSI, such as automatically updating your programs and automatically scanning on a weekly basis.
6. What is the difference between the Secunia PSI and the Secunia CSI (Corporate Software Inspector)?
  The Secunia CSI is a commercial product designed to allow you to scan other computers within a network (such as in an office environment), making it ideal for corporate users. For sales and pricing inquiries please contact sales@secunia.com or visit the Secunia CSI page.
  
  In contrast, the Secunia PSI is a free program designed for private users that only scans the computer in which it is installed. However, both the CSI and Secunia PSI identify the same number of applications.
7. How often do you update version rules?
  Secunia Support updates our version rules whenever a vendor releases a security patch for any vulnerability in a product detected by the Secunia Scan Engine.
  
  The version numbers shown as Secure by the Secunia PSI are based on Secunia Advisories and our internal tests.
8. Can I use the Secunia PSI even when I am not connected to the Internet?
  In order to determine which programs you have installed, the scan results from the Secunia PSI are matched against the Secunia Files Signatures database.
  
  To check which programs may be vulnerable and which aren't, the Secunia PSI uses your internet connection to send the information from your files to Secunia servers. Since the Secunia PSI depends on this, you cannot use the Secunia PSI offline.
9. How can I suggest a feature or report an error in the Secunia PSI?
  For all feature requests or error inquiries, please submit your suggestions or error reports to support@secunia.com (including screenshots, whenever possible).
  
  You can also post to our community forum, found at http://secunia.com/community/forum/
10. I have updated one of my programs, but an older version is still being detected by the Secunia PSI. What can I do about this?
  Some programs leave behind the older version when updating to a new one. As the Secunia PSI is a vulnerability scanner and patching tool, it does not provide functionality to remove or manage these old versions.
  
  Some vendors do this deliberatively by policy, and some vendors by mistake. An example of a vendor deliberatively leaving behind the old version is Google, who do not remove old versions when deploying updates for Google Chrome. This is an intentional policy on Google's behalf, and is done to prevent developers using Chrome from losing any of their work.
  
  How you wish to deal with such older versions is entirely up to you. For assistance, please contact the vendor. You can also post to our community forum, found at http://secunia.com/community/forum/
Difference between the Secunia PSI 3.0 and older versions
1. I need some of the features of the 2.x or 1.x version. Will you bring them back?
  Currently, the Secunia PSI 3.0 is in public beta. During this phase we are especially attentive to the feedback we receive, and will attempt to meet the demands of our users. Depending on the amount of feedback we receive over potential issues, the suggestions and concerns voiced by our community will be taken into consideration.
2. Can I still use the older versions?
  Yes, both versions 1.x and 2.x are currently supported, and can be downloaded free of charge by home users.
Troubleshooting the Secunia PSI
1. Which information should I include when requesting support for the Secunia PSI 2.x and 1.x branches?
  For the Secunia PSI 2.x branch, when making support requests on our community forum or directly contacting Secunia PSI community support, please provide the troubleshoot report for the program in question.
  
  In order to generate this report, you can double-click the programs entry on the Scan Results page. A pop-up window will open, and from here you can click "Troubleshoot report".
  
  You can then copy-paste this report using Ctrl+C and Ctrl+V. This report contains information which is necessary for troubleshooting, such as filepaths and detailed metadata on the program being debugged.
  
  For the Secunia PSI 1.x branch, enable the Advanced Interface Mode, expand the program entry, and click "Technical details". You can then copy-paste this information and provide it as a troubleshoot report.
  
  Be sure to inform the community or Secunia support which version of the Secunia PSI you are currently using.
2. I cannot get the Secunia PSI to work on a system using a proxy. Why is this?
  The Secunia PSI does not officially support proxies, and Secunia does not offer support for using the Secunia PSI on platforms with proxies.
Secunia PSI technology
1. How does the scan engine work?
  The Secunia PSI works by examining files on your computer (primarily .exe, .dll, and .ocx files). These files contain non-specific meta information provided by the software vendor. This data is the same for all users and originates from the installed programs on your computer — never from their configuration.
  
  After examining all the files on your local hard drive(s), the collected data is sent to Secunia's servers, which match the data against the Secunia File Signatures engine to determine the exact applications installed on your system. This information can then be used to provide you with a detailed report of the missing security related updates for your system.
2. What is the Secunia Packaging System (SPS) and how does it work?
  The Secunia packaging system, from a Secunia PSI user perspective, is a new approach to silent installation and general ease of use. Secunia have been repackaging vendor installers with the intent of making updating, and in particular silent installations and automatic updating, easier to use. Secunia does not in any way alter contents of the file, nor do we add any sort of "extra" installers. Secunia will never add anything to a package that is not installed by the vendor by default, and we strive to disable toolbars and third-party programs bundled along with the installer by the vendors.
  
  The SPS serves as a wrapper around the normal installer, forcing it to install silently.

Frequently Asked Questions

Secunia Customer Login

Not a customer already?