Sunday, December 27, 2009

How To: Documentation for using Secunia's PSI

When I'm asked to clean up a machine that runs the Windows operating system, I normally install an application from Secunia called Personal Software Inspector (PSI). Below is the documentation that I give them on how to use PSI.

I have downloaded a program on your PC called Secunia Personal Software Inspector. It was downloaded from http://secunia.com/vulnerability_scanning/personal/ and it will help keep software on your PC up to date. This is important because vendors are always making security updates that will close vulnerabilities that hackers can use to take control of your PC. Many vendors have started to put an automated process similar to the Microsoft Automatic Updates in place because most people will never update their software on their own.

PSI will run when Windows starts up and initially will do a scan. Below is a screen shot of the PSI dashboard after scanning my PC. You will see in red the programs that are not current and in need of patching. In the “Solution” column, you can click on the blue icons and it will allow you to get the patch you need to be secure. Click all these icons to update your insecure software. After patching, PSI will rescan your system.


This is the screen showing your programs in need of patching. The Red bar in the graph shows you you need to take some action. Your goal is to have a Green bar that shows you are fully patched.


As you can see in the System Tray, if you hover your mouse over the PSI icon (the 3 red squiggly lines) it will tell you the status. Here it shows that you've just installed a more current version of a program.


Here is an example after you've clicked on the “Solution” icon, and it gives you a dialog box that allows you to get the patch you need and you can then install it.


After completing your patching, your scan should then show you that you have no insecure applications. This is your goal. It is just as easy as that. If you have any questions, just get a hold of me and I will try and help.

No comments: