Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Updating Infrequently Used Programs - How Important is this?


  • Please log in to reply
6 replies to this topic

#1 eq_eldar

eq_eldar

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:44 AM

Posted 07 July 2015 - 05:17 PM

Hello guys,

 

I have a question  with regards to updating your PC.  I update windows, plugins, and software on a weekly basis to keep my PC secure.

 

When updating, I am always finding myself updating the most used programs, and skipping the programs I use very rarely.  This has triggered the following question:

 

Q.  Does an out of date program pose a 'security risk' when it is not being used very often?  For example, If I haven't updated VLC player for months, but equally haven't used VLC player in months, does this pose a security risk? Should I even bother to update it, if not using it regularly?

 

Note:  I used VLC as a random example, but of course there are many infrequently used programs on a PC.  Alot of these programs you want to keep installed because they are useful from time to time.

 

Thanks guys,

Eldar

 

 

 

 



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:44 PM

Posted 07 July 2015 - 05:21 PM

Hi eq_eldar :)

As long as this program can be exploited, then yes it can be considered as a security threat, whether you use it often or not. So I suggest you to update all of your programs, no matter if they are used frequently or not. If you want, Secunia PSI can help you update them and keep track of the ones that are up-to-date and the ones that aren't.

https://secunia.com/vulnerability_scanning/personal/

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,236 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:12:44 PM

Posted 07 July 2015 - 05:30 PM

+1 for Secunia



#4 eq_eldar

eq_eldar
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:44 AM

Posted 07 July 2015 - 05:32 PM

Hi Aura, 

 

Thanks for the speedy reply.  I guess that leads me onto the next question:

 

Q.  Which programs are considered 'vulnerable' or 'exploitable' from a security standpoint?  Obviously Internet browsers are exploitable and vulnerable, but what about programs like 'MSI Afterburner', '7zip' or 'ccleaner?

 

Note:  I prefer to update manually so do not use secunia, but I have heard its a great program all the same.


Edited by eq_eldar, 07 July 2015 - 05:34 PM.


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:44 PM

Posted 07 July 2015 - 05:34 PM

I would say: web browsers, plugins, media players, Antivirus programs and office programs on top of my head. Pretty much every program can be exploited if the exploit is crafted correctly. But not all of them are popular target. Anyway, keeping all your programs up-to-date is part of the basis of keeping a system running well.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,236 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:12:44 PM

Posted 07 July 2015 - 05:42 PM

Programs that load 3rd party data are most likely to be exploited... so that includes 7zip but does not include MSI Afterburner or CCleaner. This does not preclude the possibility though.



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:44 PM

Posted 07 July 2015 - 08:44 PM

Well I guess these programs could be modified in a way (via settings files or Registry configuration) to become harmful, but I've never seen it happen so far so :P

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users