Windows package management is not an easy task, often left only to WSUS server, WPKG, group policies or simply the individual applications automatic updates.
Leaving updates to only the applications and users themselves obviously is not good enough! Although this has gotten better the last years, some sort of action and verification is needed.
For example the Java Runtime Environment does not deinstall old versions when new versions are installed. Probably as a service for you, so your old java applications can decide which one they want to use, avoiding problems with incompatibility. But this update strategy also leaves a hole for crackers to potentially abuse!
I did mention installing and updating Windows applications with win-get, but it probably is not a option for anyone else than the tech geek at home.
How much package management Microsofts new NAP service can handle is unknown to me. What I have read so far sounds like it can do limited checks, such as if Windows hotfixes are applied and Firewall is on. I need hands on to know more I guess.
Well, here is something worth trying Software Inspector from Secunia:
Online version:
http://secunia.com/software_inspector/
Secunia Software Inspector
Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.
Offline, for installation on your PC:
https://psi.secunia.com/
Version: 0.9.0.0 / Size: 444,892 bytes / Changelog
The Secunia PSI is only free for private individuals
The Secunia PSI is available free of charge.
Secure your PC. Patch your applications. Be proactive.
Scan for Insecure and End-of-Life applications.
Track your patch-performance week by week.
Direct and easy access to security patches.
Detect more than 300,000 unique application versions
For work, it would be perfect to have a central Software Inspector server (ala WSUS server) which has info of all computers where an agent was installed. Great for reporting and verification of your Windows package management tools actually does its thing as you are expecting!
Subscribe to:
Post Comments (Atom)
1 comment:
I have heard about another way of outlook password recover. Besides, you can visit my blogs at: http://daspeac.livejournal.com/ or http://daspeac.blogspot.com/ where I’m trying to share my experience with regard to data corruption issues.
Post a Comment