Slashdot Mirror

← Back to Stories (view on slashdot.org)

Typical Windows User Patches Every 5 Days

Posted by timothy on from the about-how-often-I-shave dept.

CWmike writes "The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days, security research company Secunia said on Thursday. 'It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching,' said Thomas Kristensen, the company's CSO. The result: Few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack. Secunia says that of the users who ran the company's Personal Software Inspector in the last week of January, half had 66 or more programs from 22 or more different vendors on their machines. ... Secunia has published a white paper (PDF) that details its findings."

13 of 388 comments (clear)

  1. sucks to be support by yagu · · Score: 4, Interesting
    I'm the guy in our household responsible for applying our patches, being an IT professional and all.

    Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.

    I find it exasperating that my experience is almost always, "apply these patches", and then you can do some work with Windows. The good news (for me), I'm finally migrating EVERYTHING (as in replacing with) Macs and Linux. Time and money, that's all it takes.

    Interestingly the other day... I got in and was productive immediately on a Windows laptop. Wow! C'est vrai? And when I went to shut it down? "Please do not power down your computer. Windows is installing (3 of 10...) updates..." WTH?

    1. Re:sucks to be support by mcgrew · · Score: 4, Interesting

      And if you have to patch BEFORE you start working, then that's bad, but if you have to patch when you shut down instead, that's bad too. When should these updates happen, ideally?

      I'd say a hell of a lot less frequently than once a week! Ideally, you should be able to tell the PC "download and install updates on shutdown" and when you shut it down, the computer downloads and installs the patches you select, then shuts down.

      Better yet, it should be like Linux -- you only have to reboot if there's there's an update to the kernel.

      --
      Free Martian Whores!
  2. why is it so unreasonable? by tjstork · · Score: 5, Insightful

    patching for Windows is largely automated...

    Heck, my Linux has patches every day and I kinda see that as a good thing.

    --
    This is my sig.
    1. Re:why is it so unreasonable? by GIL_Dude · · Score: 4, Insightful

      I'm pretty sure he means that Flash will want to update, Adobe Reader will complain, Windows will want to patch itself, etc. For folks using iTunes - it will want to throw down the latest iTunes and Quicktime. Firefox will want to update, etc., etc. ad nauseum.

      The real issue is that Windows doesn't have a centralized update mechanism. Quite frankly the ISV's resisted the idea as they didn't want to have anything seem like Microsoft controlled it. More and more I am leaning towards the belief that Microsoft needs to build a centralized update service and allow ISV's to opt in to it. After they realize they can post their updates without being metered or anything by Microsoft they will find that they don't have to build custom updaters, write services to do it so that they don't have UAC prompts for patches, etc.

  3. Seems to be automatic by Sowelu · · Score: 5, Informative

    Funny--my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them...I'm pretty much a power user, but I've never been prompted to update something that was remotely confusing. As long as things that need updating have an easy button to push to do it for you, I'm happy--extra bonus points if there's a checkbox in the installer to choose between "update automatically" and "prompt annoyingly when an update is available"

    1. Re:Seems to be automatic by Dice · · Score: 4, Insightful

      The real problem in Windows is that all of these software packages have their own independent (and potentially broken) update mechanisms. One thing that modern Linux distros get right is centralized software updates. My Ubuntu laptop has a dialog box waiting for me most mornings that details any software updates it would like to install, and whether or not they are security related. I could tell it to do it all automatically but I like reviewing the changes before I install them.

  4. But if they just buy our software by Sycraft-fu · · Score: 5, Insightful

    We can manage all those patches for them!

    Seriously, that is what this looks like to me. It is a load of bullshit over all. Reason being that few things actually need patches for security reasons. The OS, virus scanner, browser, browser plugins and so on sure. However a videogame? No probably not. Well guess what? Turns out most of the stuff that needs patching, patches itself. Windows downloads patches and applies them in the middle of the night. Firefox grabs new versions when you surf, and installs next time it starts up. Virus scanners update silently in the background all the time.

    If people actually had to spend time managing patches on all their apps, sure ti might be a problem. However for the most part that isn't the case. In the default config most important apps update themselves.

  5. So... by Xipe66 · · Score: 5, Insightful

    My Ubuntu installation updates and patches way more often than my Windows installs do. Newsworthy? Didn't think so /.

    --
    Civilization is the process of setting man free from men.
    1. Re:So... by copponex · · Score: 4, Insightful

      This is an excellent answer to the typical 'why can't I just double-click on an .exe file?!' whine about Linux software installation, BTW.

      Yes. OS X and Windows desktop market share illustrate why binary installers that work across years of operating system releases are dumb.

      Until the Linux community can get together and hash the installer problem out, you're not only locking out larger developers, but smaller ones as well. Pretending that this isn't a problem is not a solution.

  6. Computers exist to serve people! Not the reverse. by gestalt_n_pepper · · Score: 4, Insightful

    Windows can patch itself to hell. Firefox and Adobe too, for all I care -

    AS LONG AS THEY DON'T INTERRUPT, STEAL MY FOCUS, PUT UP CRAP ERROR MESSAGES OR REBOOT WITHOUT ASKING!

    There's a portable at home I open only on weekends. Want to guess what happens for the first 30 minutes after I turn it on? Yup. An unusable computer that's *updating* itself. Java. Adobe. Firefox. Firefox *add-ins", Windows, and possibly, the current timeline in which I exist.

    Needless to say, ALL of these want me to agree/disagree, actually *view* their updates, click a modal dialog, or reboot - repeatedly. I really don't care if updates have to happen, BUT KEEP THEM OUT OF MY FACE.

    And don't slow the computer to a crawl. If the update takes all day, do I care? Not if it doesn't interfere with me.

    Computers exist to serve ME. Make the computer wait, NOT ME!

    --
    Please do not read this sig. Thank you.
  7. QQ by negRo_slim · · Score: 4, Insightful

    I'm the guy in our household responsible for applying our patches, being an IT professional and all.
    Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.

    I'm the guy in our household responsible for applying our patches, being an part time Web Developer and all.
    Since we have a "few" computers all around the house, I just set Windows Update to download and notify me when updates are available. Providing me convienence and still retaining the ability to opt to not to install a patch.

    Since Win7 got installed on my desktop I rarely have to restart for 99.9% of all day to day tasks, but when something out of left field like patch time comes it's increased speed to the login screen makes it much seem less of a chore having to wait 5 minutes while my PC is being updated.

    And on my gf's laptop with Vista the reboots are slightly more often and and take a little longer.

    But then again I'm on the computer 12 hours out of the day, so 5-10 mins once a week for maintenance really seems to be a non issue.

    --
    On the Oregon Cost born and raised, On the beach is where I spent most of my days
  8. Re:Seems about right by Korin43 · · Score: 4, Insightful

    On a system like Ubuntu, running updates automatically in the background wouldn't be particularly dangerous. That way you only need to pay attention to the updater once every 6 months. After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.

  9. Re:Seems about right by sjames · · Score: 5, Insightful

    Patches breaking things is a big deal. Nothing will convince users to never allow updates faster than having one break their system when they desperately need it to be working.

    A close second is having MS sneak in user hostile changes under the guise of a critical security update. That makes it impossible to even convince users to "risk it" even for the really important updates.

    Though even in the case of Debian, I'm a bit too paranoid to do updates by cron job, it's good enough that if I don't see any rending of garments on debian-security, I presume it's safe enough to try on one system. If nothing bad happens, the rest get updated right away.