Qualys has completely overhauled its handy free BrowserCheck security browser tool, adding the ability to check multiple plug-ins across different browsers from a single interface and widening its scan to elements of the Windows system.
The update is good news for anyone who worried that Qualys was losing interest in its BrowserCheck tool, which first appeared in 2010 but seemed to drift imperceptibly despite a business-manageable version less than a year later.
Browser vendors added similar plug-in checking features, notably Mozilla, and that's before factoring more featured free services such as Secunia's Software Inspector. Coincidentally, this is now also browser-based, having emerged from beta last week.
With the tool installed, users can now scan all installed browsers, receiving a report on out of date (and therefore almost certainly vulnerable) plug-ins. Unlike Firefox, the tool doesn't simply ignore those that aren't common, offering simple fixes for each one it encounters.
For the first time it also possible to get some basic data on Windows components such as the Service Pack number, Windows Update and Windows firewall status and even whether Microsoft Security Essentials (or other antivirus) is up to date.
The Business Edition, also updated, now makes it easy to compare a list of installed programs across different versions by the number of issues found in scanned PCs. Alternatively, admins can scan for the most insecure plugins, fixing the worst offenders first. Scan data can also be surveyed over time.
This sort of feature is manna for the SME who won't have patching systems in place.
What Qualys gets back from BrowserCheck, of course, is priceless data on the state of browsers using it, mostly business-sited machines. That matters; vulnerable plug-ins are by far the most likely route for software compromise and the malware-peddlers know it.
If PC users kept these up to date – and in some cases de-installed obsolete versions – would make malware writers work a lot harder for their money.