If you follow our blog you know that many websites are not getting the software running on them updated in a timely manner, which is a basic security measures. Just yesterday we looked at the fact that two months after a security update was released for Drupal 7 only 29 percent of the websites running it had been updated. To try to improve the situation we have now put together a Chrome App, Up to Date?, to help those who manage websites keep track of the update status of web apps on those websites. With the app you don’t have to keep track of when new versions of the software are released or log in to the individual websites to see if an update is available as the app lists the versions in use and if it is an outdated version for all the websites in one place.
The app currently can check the versions of the following web apps:
- concrete5
- Drupal
- Joomla
- Magento (Community Edition only)
- MediaWiki
- Moodle
- PrestaShop
- Revive Adserver (formerly OpenX)
- SPIP
- TYPO3
- WordPress
- Zen Cart
(If you are interested in additional web app being checked please let us know in the comments section or through our contact form.)
To show what the app does let’s see if the MediaWiki versions running on some of the websites of the other web apps we check for are being kept up to date:
Of the five, only TYPO3 has kept their MediaWiki installation up to date. Joomla and Moodle are running versions from earlier this year, which is not that bad compared to the other two. Zen Cart is running a MediaWiki versions, 1.18.x, for which support ended in 2012. WordPress has the dubious distinction of still running a version of MediaWiki, 1.15.x, for which support ended back in 2010. That software developers who remind you that you need to keep their software up to date are not following that advice with other software highlights the need for improvement.
Why a Chrome App?
When we started looking at putting this together one of the first questions was what type of application we would make. Making it web-based is an obvious option, but we went with a Chrome app for several important reasons.
One of the big reasons for this was that with a Chrome app we could leverage the version checking code we already created and keep up to date for our various version check extensions. With those you can see if websites are running the software and check if the websites are up to date as your browse in Chrome. There are currently versions available for Drupal, Joomla, Magento, MediaWiki, PrestaShop, Revive Adserver, WordPress, and Zen Cart. While working on the app lead we made some improvements to the version checking code that has been incorporated in to the extensions. Using a Chrome app also allowed us to create something that works across Linux, Mac OS, and Windows.
The other big reason is that these web apps are also used on internal websites, which wouldn’t be accessible if the version checking was done from a web-based app. While updating software running on an intranet doesn’t have the same necessity as something connected to the Internet, numerous breaches of major organizations internal systems is reminder that just because something isn’t directly accessible from the Internet it doesn’t mean that security can be ignored.