Monday, April 14, 2008

Security Checklist

Brian Krebs has a nice post up. (He calls it a pop quiz, a clear sign that he needs editing help from me.) His checklist itemizes the latest versions of a dozen of the most popular software packages. All have recently been upgraded, and almost all have included patches to close potential security holes, so it's probably worth taking a look.

I give myself three geek points for scoring 100% up-to-date on all the applicable possibilities (I don't use every program he lists).

Krebs also points to a site called Secunia, where you can run a Java applet to verify the up-to-date status of a bunch of programs. Be aware that the site tries, mildly, to entice you into downloading other applications, which you may or may not want.

The application took a little over a minute to run for me, and it seems pretty good, as far as popular applications go. It incorrectly stated that I am behind the latest version on two applications, but noted farther down in the list of results that I do, in fact, have the latest versions. This is due to these applications -- Flash and the Java Runtime Edition -- not removing older versions when updating.

Krebs notes this exact result, and offers remedies which I just followed successfully:

  • Older versions of the JRE can be removed via Add/Remove Programs in the Windows Control Panel (careful not to remove the latest!).

  • The only way to remove older versions of Flash, it appears, is a marvel of kludgery: You download from Adobe a program to uninstall all versions of Flash, close your browser, run the program, fire up your browser again, re-download and reinstall the latest version of Flash, close your browser again, run the installation program, relaunch your browser, and verify the final result.

    Why the uninstaller program isn't included in the installer program remains a mystery to me -- it's not like either program is that big or takes that long to run.

    Anyway, it's easy enough to do, and doesn't take that much time, so if you're as paranoid and obsessive about these things as I am, you may want to do it. If you aren't, there are probably worse things you could neglect. The important thing is to be sure that you're running the latest version.

No comments: