Have you heard? It isn’t new, but many seem to have missed it- Mozilla’s plugin check tool now supports multiple browsers, not just Firefox. Just go to the URL,http://www.mozilla.com/en-US/plugincheck/ with each of your browsers and the plugin tool will list installed plugins and give you a status:
Outdated Version gives you a link to update
Up to Date gives a “thumbs up”
Unknown gives a “research button” which launches a search for you.
The value isn’t just in making sure your plugins are up to date, but also in showing you a list of them. As with anything else in security, get rid of any you don’t need. You may have to settle for disabling some items which can’t be uninstalled.
So what’s the bad news? After you have done this with all the browsers you use, stop and think about doing that throughout your network. Mildly annoying to take a few minutes sitting in front of your machine; painful to agonizing, or even impossible throughout a network. It is enough work making sure the browsers themselves are up to date, plug-ins and add-ons are pretty much hopeless. Sure, patch- and systems-management tools get the browser and applications, but the extras are hanging out there exposed- and there isn’t a good answer for that.
There’s your weekend ray of sunshine…