New SMB Browser Tool Hunts Down Insecure Plugins
Vulnerability management company Qualys has invited small businesses to sign up to use a free online tool that can scan browsers for out-of-date versions and plugins that might be putting users at risk.
At heart, BrowserCheck Business Edition is a business-oriented version of the useful BrowserCheck tool the company made available to single users last year. Employees install a plug-in from a custom URL which gathers data on installed plugins and browser versions, alerting admins to which are out of date and offering a link to updated versions.
The major difference with the business version is that employees conduct scans through a single unique URL in a way that gives admins a consolidated view of the results for an entire organisation over time.
The focus on browser insecurity is justified, Qualys said. Only last month, research by the company showed that browser plugins for common applications such as Adobe Flash and Reader and Java now accounted for the majority of software flaws that targeted by criminals.
"Bad browsers and bad plugins are the major entry point for malware today," said Qualys CTO, Wolfgang Kandek. "Small companies are [especially] affected by this."
According to Kandek, BrowserCheck Business Edition was designed for small companies that would not have the resources to buy the patch-management applications used by larger businesses.
As with the single-user version, BrowserCheck Business Edition supports all major operating system, including all versions of Windows, Max OS X and Linux, running common versions of Mozilla Firefox, Google Chrome, Internet Explorer, Opera and Safari.
The benefit Qualys gains from offering a free service is the possibility of converting some of the companies that sign up to its higher-end paid services such as Patch Report. It will also gain vital intelligence on the state of browser security which it can use to bolster its services.