Secunia has launched version 3.0 of its Personal Software Inspector (PSI) patch management program, which can silently install security updates for a large number of software applications following a successful beta phase.
PSI leverages Secunia's vulnerability intelligence to determine if software programs installed on a user's Windows computer are missing security patches. The product is free for personal use and supports applications from over 3,000 software vendors.
The first version of the program was only capable of notifying users about available security updates and providing them with links to download them.
That changed in version 2.0, which added the ability to automatically download and silently install patches for a limited number of popular applications like Adobe Reader, Flash Player and Java.
The new PSI 3.0 extends the silent patching functionally to all supported applications. However, users can enable and disable the feature at will from the program's interface.
Danish vulnerability intelligence and research firm is able to provide a patching experience that doesn't require any user interaction or effort by encapsulating all vendor patches into a proprietary installer that suppresses their dialogues.
"Updating software is a daunting task," said Thomas Kristensen, Secunia's chief security officer. Most software vendors don't provide proper automated and silent updating mechanisms for their programs, which causes many users to fail to keep up with security updates, he said.
Statistics recently gathered by Secunia from PSI users in the US showed that 16% of the unpatched vulnerabilities detected on their computers were located in the operating system, 18% in Microsoft programs and 66% in software applications from other vendors.
Oracle's Java, Apple QuickTime and Adobe Shockwave Player were found to be the most exposed programs based on their market share and unpatched rate.
Java, which is one of the most commonly targeted applications in exploit-based attacks, was installed on 83% of the scanned computers. However, 31% of them were running an outdated version.
In order to prevent the automatic update feature from causing problems for users who need an older and insecure version of a program for compatibility reasons, PSI 3.0 allows users to create ignore rules for particular applications.
In addition to automatic updates for all supported applications, the new PSI 3.0 comes with a significantly simplified user interface compared to version 2.0 and supports five languages - English, French, Spanish, German and Danish.