3DSC 2.3: Perform an Application Audit

Securing your local system is critical to computer security. If the local system has security holes, any subsequent measures taken later on cannot be trusted. Online accounts cannot be trusted if the machine is infected with a keylogger that captures their passwords. Secure communications cannot be trusted if the computer is being eavesdropped on. Encrypted containers cannot be trusted if the files they contain are being exfiltrated off of the machine. One way we can secure the local system is the limit the applications that have access to files. The first step is to perform an application audit.

Perform an Application Audit

Difficulty: Easy
Active Time: 15-30 Minutes
What it protects you from: Malware, privilege escalation, remote access

When it comes to software, you should follow Brian Krebs’ three rules of online security. I list them below, but you should definitely go read his article. They are:

  1. If you didn’t go looking for it, don’t install it.
  2. If you installed it, update it.
  3. If you no longer need it (or it’s become too much of a security risk), get rid of it.

My philosophy mirrors Krebs’. Every application installed on your machine is granted placement and access and is a potential vulnerability. Each application is one that can become out-of-date. Every application is one that may be a vector for a zero-day, even if updated. Performing an application audit consists of a couple of steps. Though I list this as a single day in this 30-day series, you should conduct an application audit roughly once every month or so.

This process really begins before you even install an application. You should think long and hard about wether you need a program before allowing it access to your computer. If you decide you do need an application, keep it updated. Unfortunately, neither Windows 10 nor MacOSĀ  come with a built-in mechanism for ensuring all applications are kept up-to-date.

Updating Applications in Windows 10

My favorite tool for ensuring applications are updated on Windows is PatchMyPC Updater. PatchMyPC is free and scans for outdated apps.

Application AuditOne simple click will begin installing updates for any out-of-date software found.

Application AuditPatch My PC can also be set to run on a schedule. I strongly recommend running this program daily.

Application UpdateIf you are ready to uninstall applications, Patch My PC also has a built-in uninstaller.

Updating Applications in MacOS

MacOS supports automated updates for some applications through the App Store. To ensure these are installed automatically, open your system preferences and click “App Store”. Ensure the “Install app updates” box is checked.

Unfortunately, the App Store does not update third-party applications. For this you will have two options. First, you can manually check all of your third-party applications to ensure they are up-to-date. This is a rather onerous process, and one that is prone to overlooking some applications. I have yet to find a Mac application updater that I am completely satisfied with, but the best one I have found is MacUpdate Desktop.

This is a paid application that requires you to create an online account. For this I used a Blur address and a fake name. The free version of the application is very limited; you will receive a limited number of scans, and it will not automatically update your apps. You can pay for the full version ($20 for six months) or use the app to show you what is outdated, and update manually. There is a great deal of utility even in the free version – I was surprised to find that I had five outdated apps on my computer. The pain of manually updating these apps is reason enough to get rid of anything you aren’t using!

Getting Rid of Applications

The next step in this process is to get rid of anything you don’t use on a regular basis. I recommend you go through your entire list of applications and uninstall anything you haven’t used in the last 30 days. If you can get by without it – get rid of it!

After performing a solid application audit, downgrading to a standard user account, and ensuring your operating system is updated, you have made huge strides in securing your local system!

Leave a Reply