Typical Windows User Patches Every 5 Days

CWmike writes "The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days, security research company Secunia said on Thursday. 'It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching,' said Thomas Kristensen, the company's CSO. The result: Few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack. Secunia says that of the users who ran the company's Personal Software Inspector in the last week of January, half had 66 or more programs from 22 or more different vendors on their machines. ... Secunia has published a white paper (PDF) that details its findings."

Seems to be automatic

[Sowelu]

Funny--my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them...I'm pretty much a power user, but I've never been prompted to update something that was remotely confusing. As long as things that need updating have an easy button to push to do it for you, I'm happy--extra bonus points if there's a checkbox in the installer to choose between "update automatically" and "prompt annoyingly when an update is available"

Why just Windows?

[east coast]

I've owned a Droid phone for 5 days now. I've already had to "patch" two of the apps for it out of about 10 apps that I have on the phone.

By those standards I'd say MS is doing one hell of a fine job.

Re:Seems about right

[ottothecow]

I feel like my ubuntu system has been pestering me with updates far more frequently lately as well...

Difference in update methods not number of updates

[fwittekind]

I think the difference is that with Windows, you have to install updates from Microsoft via one method, updates to Adobe software via another method, updates to Firefox by another method. Lots of things for the user to learn, there isn't just a click one thing and it updates everything.

My Linux box on the other hand, does have quite a few updates, and requires updating often, but, it's just one interface to update everything, including from third party vendors (i.e. Adobe)

Re:Seems about right

[drsmithy]

After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.

Because none of those things are particularly accurate ?

Re:Seems about right

[Korin43]

1. updates that frequently fail to install: My friend's laptop constantly complains about needing ~44 critical updates, but any attempt to install them results in an instant "44 updates failed to install". On my laptop, luckily, most updates installed, but I always had 2 or 3 that wouldn't.

2. Multiple reboots: Install Windows XP (without any service packs) and try updating. Count the number of reboots. Try a similar test on any Linux distro (pick a CD as old as you want), notice how you only need to reboot once to have all of the updates apply.

3. Still needing to update anything else manually: Turn on a computer with Windows that hasn't been used in a year. Install all updates. Now go here: http://www.filehippo.com/updatechecker/ [filehippo.com]. Notice how many installers you need to download and run manually. Start up any arbitrarily old Linux distro and run an update. Notice how everything is up to date (note: By default, most distros don't give you the newest version of most software, but this is intentional and can be worked around by using a distro that doesn't suck).

Re:sucks to be support

[VocationalZero]

Windows you have a known memory leaks in parts of svchost, so if you keep that thing up for a week you'll see it taking up anywhere from 250mb [windowsbbs.com] to more than a gig. [techguy.org] This occurs in all versions of windows from XP to 7, 64 bit and 32 all the same

Bullshit. If you actually believe that all Windows machines leak that bad only after a week you have been absolutely mislead.

Re:sucks to be support

[jim_v2000]

"desktop window manager is DWM.exe, you goof. It has nothing to do with the calls svchost makes in any form. 0 of it is the desktop window manager."

Wrong. In Windows 7 (and probably Vista too) there is a service called Desktop Window Manager Session Manager that sucks up around 100mb of RAM. You can right-click on svchost.exe in the Task Manager and click Go To Services to see which services are running under that particular instance of svchost.

Re:Seems about right

[RMS Eats Toejam]

Install Windows XP (without any service packs) and try updating.

Stop right there. First try installing an operating system released after 2001. That will take care of 1 and 2 together.

Re:Seems about right

[aztracker1]

Well, installing an OS version first released 7-8 years ago may not be the best solution all around. Also, you can simply download the latest service pack, and start with that install first. Not being a troll here, simply that if I were to install Fedora Core 1, and update from there, I might experience a couple of pain points along the way. The real issue with windows, is most software isn't distributed by Microsoft, with Linux it's mostly from your distro. If you start installing software from outside what your distro's repositories come with, you will see similar issues. ex: updating VMWare Server after every single kernel update in the OS updates...

Re:Seems about right

[Kugrian]

On a friend Vista system I've had to deal with updates that twice prevented Windows from loading even in safe mode. The best one though was the update required to Windows update which it couldn't install because it wasn't updated. Luckily updating to service pack 2 messed up the system enough for a reinstall to be required.

Re:Seems about right

[jhol13]

What?

Ubuntu (9.10 or 8.04) has constant updates and approximately once a month a kernel fix, which require a reboot. Some other patches has gotten my system into a state which require[1] reboot. You really need to pay attention much more often than "once every 6 months".

[1] The easiest and fastest option.

Re:Seems about right

[TangoMargarine]

1. "I heard an anecdote once and it was really lousy." I had Vista on my machine, then installed Windows 7. In those 3 years, I have only ever had one update fail to install, and it took about 10 minutes to fix because I didn't have the SP.
2. That's why you don't install Windows XP with any frequency. Oh my god, I have to reboot four times, once every six months...soooo much work...

And yes, before you ask, I have installed XP before. SP2 + updates = 4 reboots I seem to recall.

Re:Seems about right

[Anpheus]

1. What OS? It's impossible to diagnose the reason for your anecdote without more specifics. Frankly, it sounds like his laptop is infected and yours had updates that were old enough to be superceded (XP I believe would sometimes fail an update that wasn't needed because of another update.)

2. Installing Windows XP without any service packs is as silly as installing Ubuntu 4.10 (notice that this is four years after Windows XP came out).. Actually, try installing Ubuntu 4.10 and see how many reboots it takes. You're in for a treat. For bonus points, install a bunch of user applications, send some emails, write some documents, and then see what happens to these applications as you upgrade to Ubuntu 9.10.

3. I fail to see how this is Microsoft's fault. If they had an officially sanctioned app store they'd be crucified for pushing it with Windows. Such an app store would invariably be useful. Anyhow, in a business setting you can deploy non-Windows, non-Microsoft updates through the Windows Update utility, so I can force Adobe Flash to update on clients, for example.

Re:Seems about right

[Culture20]

After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.

Because none of those things are particularly accurate ?

http://social.msdn.microsoft.com/Forums/en/sqlexpress/thread/c7d0a234-763b-4f9c-b7ec-3a40df6340a8 [microsoft.com]
Here's the fix, the only way I've gotten this to work. And we've got a lot of machines with Visual Studio where "Everything" was selected (and is actually used), so updating SQL Express is a good idea:
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.1\Setup" /value Resume /type dword /data 0
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.2\Setup" /value Resume /type dword /data 0

Oh, and also shut down the SQL Express Service. Why couldn't these things be built into the patch? Why isn't there a new patch that supersedes the old one that does these things since Microsoft knows about them?

"still needing to update everything else manually." Acrobat Reader and Java updates fail a lot. To update GIMP on Windows, I have to manually download the program again. To update Sysinternals Suite when there's a significant security update, I have to download the zipfile manually from Microsoft. In XP for several years, Microsoft required manual patching of the "disable autorun group policy option that doesn't really disable autorun" bug until major security firms called them on it. Eventually it found its way into Optional Updates (not automatic, because MS decided it wasn't critical).