Sometimes you like to use backdated software, perhaps to avoid bloatware. But perhaps you have some old software you’ve forgotten about. If you want to know, Secunia has a free product called PSI that will scan your system and alert you to any outdated software you may have. Then you can either update it, if it’s something you use and want to keep up to date, or uninstall it.
On the commercial side, the same company offers Vulnerability Intelligence Manager. I’m very unimpressed with the competing Symantec ESM, and it really seems to me that there’s an inherent advantage to using a different vendor for your operating system, patch deployment, antivirus, and information assurance. That way you have four vendors keeping each other honest.
For patch management, I have extensive experience with Shavlik Netchk and about a year’s experience with Microsoft’s WSUS. I recommend Shavlik’s Netchk product, as it updates not just Microsoft products but also common third-party apps, and it can do a rudimentary scan for missing patches. And not only that, it works better, giving administrators finer control over what they deploy and when and how they reboot.
I don’t have any personal experience with VIM, as I’ve always been a remediator rather than an auditor. If security audits are something your company wants, look into it.

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming, covering the time period from 1975 to 2000.
