Product Watch: Secunia To Offer Free Application Updater Service To Consumers

SAN FRANCISCO, CA -- RSA Conference 2010 -- Secunia here today announced a new free service for consumers that automatically checks for and patches their third-party applications when they boot up their Windows machines.

The goal is to pull all third-party application updates into one simple step, rather than piecemeal, so the end user doesn't have to decide whether to install an update or to handle them manually, according to Secunia. The free service is based on technology in its recently announced simplified patch management tool for enterprises that combines its Corporate Software Inspector with Microsoft's Windows Server Update Services (WSUS). The enterprise offering is currently in beta in more than 1,000 enterprises, says Niels Henrik Rasmussen, CEO of Secunia.

Secunia earlier this year abandoned an effort that the company first launched last April at RSA to bring together security vendors to create an industry-standard automatic updater for third-party applications after it didn't get any takers -- and instead came up with its own software for enterprises.

Third-party applications on Windows increasingly have become the hot target for bad guys, with the majority of vulnerabilities on Windows machines coming from these third-party tools, according to recent data from Microsoft. Adobe, which has been one of the biggest targets of late, recently launched its own automatic update service for its applications.

But third-party app updates and patches are still typically handled in isolation; third-party app vendors each handle their updates separately, although browsers, such as Mozilla's Firefox, do search for and pull in updates to some apps. That makes the process too onerous and confusing for consumers, according to Rasmussen.

Secunia plans to begin offering its new consumer service in beta next month or in May, with the final version available in the third quarter. "We will push it to more than 2 million users of our free [security scanning] solution for consumers," Rasmussen says. "This will facilitate awareness on security updates for the consumer ... we can bring simplicity to this. This needs to be dealt with."

Rasmussen says the main difference between this technology and existing patch management tools is its simplified and "unintrusive" approach.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.