Windows vulnerability scanners?

Sunshine-boy

Apr 1, 2017
Hello friends :)
I'm searching for Windows vulnerability scanner tools...
I know some, but they are outdated or useless (Protector Plus, Secunia PSI, Heimdal free, ...)
I'm searching for something like the Vulnerability Scan in Kaspersky Total Security but can't find any :/
I found one:
Nessus Home
Does anyone know about this tool?

If you know more, please tell me. :p
 
Vulnerability scanners are good, but at the end of the day, if you follow just these 3 rules, they're useless for the regular user:
  1. Always update your software (OS, firmware, apps, etc.)
  2. Limit your internet footprint and internet facing software as much as you can
  3. Before allowing inbound access to anything, google search for security best practices for that something you allowed
Vulnerability scanners will almost always find something vulnerable in your system(s) from any scanning direction, and you will almost always get alerts. If you follow these 3 rules, those alerts will be extremely subjective in most of the cases. Besides this, the scanner's database has to be updated regularly, and only commercial and extremely expensive ones are somehow valuable (but still subjective).

Vulnerability scanners are used mostly in enterprise environments with a very well defined scope, not in particular for fixing vulnerabilities, but mostly for regulatory compliance and certification. Anything else is just marketing in most cases.

They have an advantage though: you can learn a lot of things while using them.
 
Hello, thanks for your explanations :)
I know about these 3 rules but I wanted more :p
You are right, they are expensive.
I found some... but as you said, it's not for home users.
 
@public enemy Heimdal prevents vulnerabilities and does not scan for them (except that it looks after the vulnerable programs).
If you are looking for just a vulnerability 'scanner', here's one you'll like:
Kaspersky Security Checker. It made its debut a few months back and scans for everything the Vulnerability scanner in KIS does (including a quick system scan).
However, it will only produce the report and list the findings. The fixes are to be carried out on your own.
 
Vulnerability scanners are used mostly in enterprise environments with a very well defined scope, not in particular for fixing vulnerabilities, but mostly for regulatory compliance and certification. Anything else is just marketing in most cases.

+1
These tools are useless for a regular user.
Just keep your OS updated and your AV signatures up-to-date.
 
I know Heimdal (free) is only a software updater, that's why I said it's useless.
Thank you very much, mate :) That's what I wanted.
I will download it.
 
I know Heimdal (free) is only a software updater, that's why I said it's useless.

Software updaters are not useless my friend :)
Actually, they are the most valuable anti-vulnerability tools a user can have.

Updates mean (from a security POV):
  1. Fix or disable known vulnerabilities
  2. Postpone the exploit of new possible vulnerabilities introduced (even old ones) and hopefully they get fixed by the time they are discovered with a new update
I do highly recommend the use of such tools!
 
I'm using Secunia PSI for updating vulnerable software like Adobe... I said useless because they only update your software and patch it,
but I wanted a different thing, and that's Kaspersky Security Checker :D
And that's why (results from Kasper):
Process response timeout is out of admissible values

If a timeout is too brief, it will cause applications to appear frozen. Too lengthy a timeout will prevent truly frozen applications from being recognized as such. This may lead to data loss or malfunction of applications in the future.

This problem is usually caused by active malware.

Fixed

Autorun from hard drives is allowed

Some malware replaces the autorun.inf file and copies itself to all available hard disks. This allows an attacker to gain control over the system and user data. When one of the disks is connected to the computer where autorun from the disk is enabled, the malware is executed.

Fixed

Autorun from network drives is enabled

Some types of malware reproduce by copying network drives using the autorun.inf file. This allows an attacker to gain control over the system and user data.

Fixed

CD/DVD autorun is enabled

Some malware and adware is executed automatically from CDs or DVDs when these discs are inserted. This allows an attacker to gain control over the system and user data.

Fixed

Removable media autorun is enabled

Due to the proliferation of removable media, many malicious programs use autorun for distribution and infection. Thus, removable media refers not only to flash drives, but also mobile phones, cameras, card readers, and other devices that use memory cards that connect to a USB port.

Fixed

Microsoft Internet Explorer: caching data received via protected channel is enabled

An attacker that takes control of a system can access confidential user data stored in the cache (email messages, personal data, information from Internet banking websites, and so forth), as well as find out the sites visited by the user.

Fixed

Microsoft Internet Explorer: sending error reports is enabled

In addition to reporting error information, information about user computers can also be reported. Interception of this information can allow a successful attack on a user computer.

Fixed

Microsoft Internet Explorer: some websites saved cookies on your computer

An attacker that takes control of a system can access confidential user data stored in cookies (email messages, personal data, information from Internet banking websites, and so forth), as well as find out the sites visited by the user.

Fixed

Microsoft Internet Explorer: cache autocleanup is disabled on browser exit

An attacker that takes control of a system can access confidential user data stored in the cache (email messages, personal data, information from Internet banking websites, and so forth), as well as find out the sites visited by the user.
 
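The four autorun findings in the report above can be checked by hand. The following is an added example, not part of the original post and not Kaspersky's code: it assumes those findings correspond to the standard Windows `NoDriveTypeAutoRun` policy bitmask (the thread does not say how Kaspersky Security Checker tests them), and the function names are hypothetical.

```powershell
# Added example: report which drive types still allow autorun, based on the
# NoDriveTypeAutoRun policy bitmask (a set bit disables autorun for that type).
$policyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# Drive-type bits, labelled with the wording used in the report above.
$driveTypes = [ordered]@{
    'Removable media' = 0x04   # DRIVE_REMOVABLE
    'Hard drives'     = 0x08   # DRIVE_FIXED
    'Network drives'  = 0x10   # DRIVE_REMOTE
    'CD/DVD'          = 0x20   # DRIVE_CDROM
}

function Get-AutorunPolicy {
    # HKLM takes precedence over HKCU when the value exists in both hives.
    foreach ($hive in 'HKLM', 'HKCU') {
        $item = Get-ItemProperty -Path "${hive}:\$policyPath" `
            -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            return [pscustomobject]@{
                Source = $hive
                Mask   = [int]$item.NoDriveTypeAutoRun
            }
        }
    }
    return $null
}

function ConvertTo-AutorunReport {
    param([int]$Mask)
    foreach ($name in $driveTypes.Keys) {
        [pscustomobject]@{
            DriveType = $name
            Autorun   = if ($Mask -band $driveTypes[$name]) { 'Disabled' } else { 'Allowed' }
        }
    }
}

$policy = Get-AutorunPolicy
if ($null -eq $policy) {
    'NoDriveTypeAutoRun is not set; the OS default applies.'
} else {
    'Policy from {0}, mask 0x{1:X2}' -f $policy.Source, $policy.Mask
    ConvertTo-AutorunReport -Mask $policy.Mask | Format-Table -AutoSize
}
```

A mask of 0xFF disables autorun for every drive type; any row still showing "Allowed" matches one of the findings listed in the report.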
I know Heimdal (free) is only a software updater, that's why I said it's useless.
Thank you very much, mate :) That's what I wanted.
I will download it.
@Amelith Nargothrond says the most neglected security truth!
What AVs can't do, patching with updates does.
But if your concern is more than just application vulnerabilities, scanners like KSC can help once (because most of the things it detects are one-time settings, except that some important configurations are altered after the scan. Then a scan once in some weeks/months is fine).
Rest lies in prevention based on care and knowledge of these things.
 
Thank you for mentioning KSC,
it is a nice tool indeed and I have not tried it before! :)
I also like AVZ a lot, have you tried it before?
Download
It looks like an anti-spyware plus an anti-trojan ware with more features than basic scanning. Still, a lot of the basis of different provisions mentioned here is based on known signatures/Detections, the site rank (1.6M), and the utility ain't much known. I think a lot of what AV suites do internally is explicitly mentioned in the AVZ description.
How effective has this been for you? I'll give it a try.
 