New CSI Tool is on the Case Against Software Vulnerabilities

The Information Security Office has teamed up with Technology Customer Services to confront a serious security concern: out-of-date software.

The solution they have rolled out – an application called Secunia Corporate Security Investigator (CSI) – is helping keep campus computers patched with the most-current software updates to avoid the kinds of vulnerabilities that viruses and malware can exploit.

Each month, Windows machines around UT Dallas are set up to install patches to their operating systems and Microsoft Office software. However, the process leaves products like Adobe Reader, Mozilla Firefox, Apple QuickTime and others requiring their updates to be performed by system owners or their technical staffs. Because there are thousands of computers campuswide, the problem threatened to be daunting.

Information Security began testing CSI to maintain all of this third-party software at a safe patch level, after which CSI was launched in Student Affairs followed by the Office of Budget and Finance. The first computers to get the software were those serviced by Technology Customer Services (TCS), a unit of the Office of Information Resources.

Departments not serviced by TCS, such as the School of Natural Sciences and Mathematics and the School of Arts and Humanities, have also already deployed CSI in their computers.

CSI makes it possible for all programs to be patched at the same time and by the same method that computers have been using to receive their monthly Microsoft Windows patches. Information Security has reported no service disruptions in the machines running the application.

CSI will be rolled out to the rest of the departments that TCS services in the coming weeks. Users are not required to take any action to prepare. Questions or concerns about installing CSI should be directed to the IR Help Desk at 972-883-2911.