+

Tool Time: Secunia Online Software Inspector (OSI)

June 6, 2013


Articles News admin Comments Off

Tool Time: Secunia Online Software Inspector (OSI)
Mervyn Heng, CISSP – May 2013

The beauty of running Ubuntu Linux is the ease of maintaining your Operating System (OS) and software using the apt command or Update Manager. Both tools offer a single mechanism of keeping your system patched and up to date. The same cannot be said of Windows because the built-in update program only caters to Microsoft proprietary software such as the OS and Microsoft Office for examples.

Microsoft has enterprise tools like System Center Configuration Manager (SCCM) to install patches and upgrades to servers as well as endpoints but there are still standalone systems that require manual patching.

Besides Microsoft components, there are a host of other software (eg. Reader, Flash, Java) that are require to support business operations but highly susceptible to compromise. Maintaining them can be tedious, time consuming and insecure as an administrator may not apply a patch or upgrade in a timely manner.

There is a simple solution to this predicament. Secunia hosts a free tool called Online Software Inspector (OSI). Click Start Scanner to initiate a check on your system.

fig1

Figure 1: Secunia OSI page

It is a Java Applet that scans your system to find insecure software that requires patching or upgrading. Click Run to permit this Applet.

 

 

 

fig2

 

 

 

Figure 2: Java Applet

The latest software version and patch information will be downloaded from Secunia’s website. When it has completed, the status will read as Java Applet loaded successfully. Press “Start” to begin. It is wise to select Enable thorough system inspection for completeness. Click Start to begin.

 

 

fig3

 

 

Figure 3: Start scan

When the scan is complete, OSI displays the results to inform you which software is insecure and what steps to take to remediate them. In this specific example, Java Runtime Environment (JRE) is outdated and requires upgrading to the latest version.

 

 

fig4

 

 

Figure 4: Scan results

Take the necessary actions required to remediate the system. After fixing the issues found, re-run the OSI tool to validate that the system is truly free from vulnerable software.

 

 

 

This tool is a free service that should be taken advantage of to increase productivity in detecting vulnerable software especially on Windows OSs. The only caveat of this facility is the need to have Internet access.

Install Java and launch your browser to start using it today.

Profile
Mervyn Heng, CISSP, is into Ubuntu, Comic Universe characters, Pop culture and Art outside of Information Security. If you have any comments or queries, please contact him at commandrine@gmail.com.Comments

Tagged with:

Comments are closed.


IT MAGAZINES: Hakin9 Magazine | Pentest Magazine | eForensics Magazine | Software Developer's Journal | Hadoop Magazine | Java Magazine
IT Blogs: Hakin9 Magazine Blog | Pentest Magazine Blog | eForensics Magazine Blog | Software Developer's Journal Blog | Hadoop Magazine Blog | Java Magazine Blog
IT ONLINE COURSES: Pentest Laboratory
JOB OFFERS FOR IT SPECIALIST: Jobs on Hakin9 Magazine | Jobs on Pentest Magazine | Jobs on eForensics Magazine | Jobs on Software Developer's Journal | Jobs on Java Magazine | Jobs on Hadoop Magazine
Hakin9 Media Sp. z o.o. Sp. komandytowa ul. Postępu 17D, 02-676 Warszawa