There is another front on the war against malware and the internet thieves that want to rob us of our money and identities. At this point, most of us have learned to be careful of what files are downloaded on our computer, particularly when visiting unfamiliar web sites. However, the malware men and women have another attack vector to infiltrate our computers. It’s not played up much in the press, but these are called vulnerabilities.
We all like to use free software, but many have security holes. Through these security holes, malware can enter your computer and execute without your knowledge. All one needs to do is visit a compromised web site, and you are infected. You don’t need to click on anything. The virus enters through the security hole and the game is essentially over. There is a chance that your security software’s real time protection might block it, but it is far better to keep the security hole closed.
We have replicated the problem in our labs using outdated versions of Java. We created a dummy page, and once the page was visited, the payload was delivered and executed without user knowledge or action. The reality is that vulnerabilities are the #1 method way that viruses attack computers not user error! There is a small but growing industry where the virus makers can purchase vulnerability kits that allow them to quickly find the holes in a computers free software. The number one vulnerability kit is called the Black Hole Exploit Kit. Note: the virus makers don’t call them vulnerabilities but exploits.
Let me be the first to admit it. I have never bothered to keep my applications up to date. The reason for my reluctance I put squarely on the shoulders of iTunes. iTunes is a software that I rarely use and in the odd event that I do, it, of course, wants to update. The problem is that iTunes wants to download over 100MB and 30 minutes to update. It just doesn’t seem worth it, just to move a few songs around. So I have come into the habit of ignoring all the updates that we receive when running the application and also during boot.
I asked our research to take a peek and the results were stunning. Over 90% of computers had one or more key softwares out of date. I am not trying to be an alarmist here. Not all software vulnerabilities are of the same threat magnitude and some software it could be totally OK to have out of date. But the point is that is a whole, people do not keep their software up to date and sometimes the results can be catastrophic.
Based on a study of 159,035 computers scanned in March 2013, 89% of the computers had one or more vulnerabilities or out of date software.
PC Matic Automates Software Updates
Most of the time, we do not make an announcement of a new feature in PC Matic, but this one warrants an announcement. If 90% of the people are not keeping their software up to date, then this is a feature that is very sorely needed in the market place because it will keep us all a little bit more secure.
We built all of the technology in house and I am quite proud of the team that put this together and also the end product that hopefully all of you will love. We have 100% automated the time consuming task of downloading, updating all free applications that may impact the security of your computer. On top of that, it also works with our scheduler so that you can set it to run once a week over night, and never worry about it again.
When you combine this with the Super Shield white list protection and the Viper security engine, we think that not only does PC Matic keep your computer running great, it is also more secure than all the other solutions out there.
I want to thank all of our great and loyal PC Matic customers. We are always working to make our product better and hopefully it shows in this new vulnerability feature. Just to be clear, there is no extra charge for this feature. Just open up PC Matic, and it will automatically add in the vulnerability feature. If you are using our scheduler (and a lot of you are), then the vulnerability protection will be enabled by default If you want to change that, you can edit your scheduled scan in PC Matic. If you are not a paying customer, then just download PC Matic and you will get a free analysis of your vulnerabilities.