Sunday, August 21, 2011

Browser update checking tool from Qualys

Exploiting the browser vulnerabilities has been a easiest among the attacks that is taking place..Latest one to get world wide attention was Com modo SSL Certificate issue. Where it is possible for a malicious individual to post a fake gmail or hotmail page with bogus SSL Certificate and trick user to trap their credentials.
Two easiest way to combat similar kind of threat is to ensure our OCSP (Online Certificate status protocol is enabled and working properly. Second one is to update the browser with the latest Certificate revocation list (CRL) which is in-turn in the hands of browser vendors to send a quick patch to update the CRL list.
Browser vendors are pretty quick in that regards to send an update, but how many of the home users be keen in updating and a good chance they might know know whether they have already updated or not. Here is the usual tool from Qualys helps individual to ensure whether their browser is the most update or gives the ability to update it..
Why do I need to install the BrowserCheck Plug-in to scan?
Plugin based scan provides more details and accurate results than using a non-plugin based scan. Please note that plugin based scan is available only for IE, Firefox and Chrome on Windows platform.
  • It shows complete location of the checked file in the details
  • It can read the complete version of the installed plugins to determine the status more accurately.
  • It can also determine security status based on the version of associated files and not just the plugin file. One such example is Foxit Reader.
  • It can also perform OS based dependent checks such as Service Pack information in determining the security status of some plugins such as Windows Media Player.
  • It can do more comprehensive checks than what is provided by the browser via javascript.
The Qualys BrowserCheck tool checks your browser as well as browser plugins and add-ons to identify insecure and out-of-date versions that put you at risk. It also checks if your Windows operating system is supported by Microsoft. Microsoft security updates cannot be installed on unsupported operating system versions. These items are detected:
Click here for online scan
Click here for more info on the tool: Qualys