Forgot your password?
typodupeerror
Upgrades Windows Bug Security IT Technology

Typical Windows User Patches Every 5 Days 388

Posted by timothy
from the about-how-often-I-shave dept.
CWmike writes "The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days, security research company Secunia said on Thursday. 'It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching,' said Thomas Kristensen, the company's CSO. The result: Few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack. Secunia says that of the users who ran the company's Personal Software Inspector in the last week of January, half had 66 or more programs from 22 or more different vendors on their machines. ... Secunia has published a white paper (PDF) that details its findings."
This discussion has been archived. No new comments can be posted.

Typical Windows User Patches Every 5 Days

Comments Filter:
  • There seem to have been loads of updates recently
    • Re: (Score:3, Informative)

      by ottothecow (600101)
      I feel like my ubuntu system has been pestering me with updates far more frequently lately as well...
      • by fredjh (1602699)

        Lately? I was just about to say it's been nearly every day for years.

        Of course, that includes non-security updates, too, but it checks every damn time you log in. The option is to turn it off completely? That's no good, either.

      • by sjames (1099)

        How many different mechanisms is that? TFA indicated it's 22 different ones for Windows users. Let's see, there's apt, and then Firefox, so there's 20 to go...

        • Yeah, using apt or urpmi or some other package management system really helps with that aspect. The packages update about as frequently but instead of having to figure out the proper way to update acrobat one day and winamp the next, it does it all from the same interface.

          Is there a big downside risk to letting apt update by itself? It requires superuser access and given how frequently I am inclined to run it, I can see situations where a user without su priveledges might still want updates flowing.

          • by Korin43 (881732) on Thursday March 04, 2010 @04:56PM (#31363404) Homepage
            On a system like Ubuntu, running updates automatically in the background wouldn't be particularly dangerous. That way you only need to pay attention to the updater once every 6 months. After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.
            • Re: (Score:3, Interesting)

              It depends heavily one what you are doing with your computer at the time of writing. Windows does not allow you to write executable files that are currently running and I believe there is a similar restriction for .dlls that are loaded into memory. At least you are notified of the need to reboot. I may be incorrect but I believe the only thing that triggers a reboot on ubuntu are changes to a specific set of packages. As such, its always possible to install updates and still have vulnerable code loaded into
              • Re: (Score:3, Informative)

                by Kugrian (886993)

                On a friend Vista system I've had to deal with updates that twice prevented Windows from loading even in safe mode. The best one though was the update required to Windows update which it couldn't install because it wasn't updated. Luckily updating to service pack 2 messed up the system enough for a reinstall to be required.

            • by sjames (1099) on Thursday March 04, 2010 @06:02PM (#31364248) Homepage

              Patches breaking things is a big deal. Nothing will convince users to never allow updates faster than having one break their system when they desperately need it to be working.

              A close second is having MS sneak in user hostile changes under the guise of a critical security update. That makes it impossible to even convince users to "risk it" even for the really important updates.

              Though even in the case of Debian, I'm a bit too paranoid to do updates by cron job, it's good enough that if I don't see any rending of garments on debian-security, I presume it's safe enough to try on one system. If nothing bad happens, the rest get updated right away.

            • Re:Seems about right (Score:4, Informative)

              by drsmithy (35869) <drsmithy@nOSPam.gmail.com> on Thursday March 04, 2010 @06:23PM (#31364568)

              After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.

              Because none of those things are particularly accurate ?

              • Re:Seems about right (Score:4, Informative)

                by Korin43 (881732) on Thursday March 04, 2010 @06:49PM (#31364898) Homepage
                1. updates that frequently fail to install: My friend's laptop constantly complains about needing ~44 critical updates, but any attempt to install them results in an instant "44 updates failed to install". On my laptop, luckily, most updates installed, but I always had 2 or 3 that wouldn't.

                2. Multiple reboots: Install Windows XP (without any service packs) and try updating. Count the number of reboots. Try a similar test on any Linux distro (pick a CD as old as you want), notice how you only need to reboot once to have all of the updates apply.

                3. Still needing to update anything else manually: Turn on a computer with Windows that hasn't been used in a year. Install all updates. Now go here: http://www.filehippo.com/updatechecker/ [filehippo.com]. Notice how many installers you need to download and run manually. Start up any arbitrarily old Linux distro and run an update. Notice how everything is up to date (note: By default, most distros don't give you the newest version of most software, but this is intentional and can be worked around by using a distro that doesn't suck).
                • Re:Seems about right (Score:4, Informative)

                  by aztracker1 (702135) on Thursday March 04, 2010 @07:48PM (#31365478) Homepage
                  Well, installing an OS version first released 7-8 years ago may not be the best solution all around. Also, you can simply download the latest service pack, and start with that install first. Not being a troll here, simply that if I were to install Fedora Core 1, and update from there, I might experience a couple of pain points along the way. The real issue with windows, is most software isn't distributed by Microsoft, with Linux it's mostly from your distro. If you start installing software from outside what your distro's repositories come with, you will see similar issues. ex: updating VMWare Server after every single kernel update in the OS updates...
                • Re: (Score:3, Informative)

                  by Anpheus (908711)

                  1. What OS? It's impossible to diagnose the reason for your anecdote without more specifics. Frankly, it sounds like his laptop is infected and yours had updates that were old enough to be superceded (XP I believe would sometimes fail an update that wasn't needed because of another update.)

                  2. Installing Windows XP without any service packs is as silly as installing Ubuntu 4.10 (notice that this is four years after Windows XP came out).. Actually, try installing Ubuntu 4.10 and see how many reboots it takes.

              • Re: (Score:3, Informative)

                by Culture20 (968837)

                After using Linux I don't understand how Windows users put up with the Microsoft updates that frequently fail to install, sometimes require multiple reboots and then still needing to update everything else manually.

                Because none of those things are particularly accurate ?

                http://social.msdn.microsoft.com/Forums/en/sqlexpress/thread/c7d0a234-763b-4f9c-b7ec-3a40df6340a8 [microsoft.com]
                Here's the fix, the only way I've gotten this to work. And we've got a lot of machines with Visual Studio where "Everything" was selected (and is actually used), so updating SQL Express is a good idea:
                reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.1\Setup" /value Resume /type dword /data 0
                reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.2\Setup" /value Re

            • Re:Seems about right (Score:4, Informative)

              by jhol13 (1087781) on Thursday March 04, 2010 @07:50PM (#31365504)

              What?

              Ubuntu (9.10 or 8.04) has constant updates and approximately once a month a kernel fix, which require a reboot. Some other patches has gotten my system into a state which require[1] reboot. You really need to pay attention much more often than "once every 6 months".

              [1] The easiest and fastest option.

    • Re: (Score:3, Insightful)

      by bunratty (545641)
      My Fedora 11 system has patches to install nearly every day. At least all the updates come through one mechanism, and usually I don't need to reboot to apply the patches.
  • sucks to be support (Score:4, Interesting)

    by yagu (721525) * <yayagu@@@gmail...com> on Thursday March 04, 2010 @03:51PM (#31362372) Journal
    I'm the guy in our household responsible for applying our patches, being an IT professional and all.

    Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.

    I find it exasperating that my experience is almost always, "apply these patches", and then you can do some work with Windows. The good news (for me), I'm finally migrating EVERYTHING (as in replacing with) Macs and Linux. Time and money, that's all it takes.

    Interestingly the other day... I got in and was productive immediately on a Windows laptop. Wow! C'est vrai? And when I went to shut it down? "Please do not power down your computer. Windows is installing (3 of 10...) updates..." WTH?

    • by Drethon (1445051)
      For me that's kind of a so what... I patch as much as windows will let me without a restart and go about my business. Once I'm done I shut down and walk away weather its a desktop or laptop ( the laptop I just drop somewhere appropriate and plugged in). Most of the time those patches don't mean a whole lot to me because the only time they cause me much of a problem is with viruses but my web computer I use often and my non-web computer couldn't care less (not that I go to most of the sites that are virus
    • Re: (Score:3, Interesting)

      by Sowelu (713889)
      Just want to make sure I get what you're saying... So you're complaining that if you don't use a computer for a month, then suddenly you have to catch up on a month's worth of updates? Sure, it would be nice if they were cumulative--but these patches are designed for a daily user, and putting out multiple versions of updates just means there's more ways that something could go wrong.

      And if you have to patch BEFORE you start working, then that's bad, but if you have to patch when you shut down instead,
      • by mcgrew (92797) * on Thursday March 04, 2010 @04:29PM (#31362944) Homepage Journal

        And if you have to patch BEFORE you start working, then that's bad, but if you have to patch when you shut down instead, that's bad too. When should these updates happen, ideally?

        I'd say a hell of a lot less frequently than once a week! Ideally, you should be able to tell the PC "download and install updates on shutdown" and when you shut it down, the computer downloads and installs the patches you select, then shuts down.

        Better yet, it should be like Linux -- you only have to reboot if there's there's an update to the kernel.

    • Re: (Score:3, Insightful)

      by ekgringo (693136)
      It really aggravates me the way that Vista and now Windows 7 force patch installation at shutdown. Usually when I shut down, I'm taking my laptop somewhere else and often running late. When the patching happens I have no recourse but to let the damn thing finish running in my backpack, with my fingers crossed hoping the battery doesn't die and the laptop doesn't overheat while running full-tilt in a small enclosed space.
      • Re: (Score:3, Insightful)

        by Totenglocke (1291680)

        Usually when I shut down, I'm taking my laptop somewhere else and often running late.

        ........why wouldn't you just put it to sleep or hibernate it? I only ever do a shut down / reboot on my Windows 7 systems when it's absolutely necessary, which is maybe once a month.

    • by dave562 (969951)

      I find it exasperating that my experience is almost always, "apply these patches", and then you can do some work with Windows. The good news (for me), I'm finally migrating EVERYTHING (as in replacing with) Macs and Linux. Time and money, that's all it takes.

      Enjoy the brief respite while it lasts. My OSX box seems to want patches to be installed at least every couple of weeks. Even the Ubuntu server that I have in production seems to want an occasional reboot due to patch related processes.

    • Yeah, good plan there. 'cause other operating systems NEVER get patches. Nor does any of the software installed on it. Oh, hang on. Something just popped up. Microsoft AutoUpdate says there's a patch for Office. BRB. Dangit. Now there's like 3 more for various parts of CS4. And now 5 updates for OSX. CyberDuck says there's a new version. Firefox is installing updates.

      Um...You might want to come back later. This is going to take a while.

    • Re: (Score:2, Insightful)

      by NatasRevol (731260)

      Like I always say, Windows is cheap if your time is worth nothing.

    • QQ (Score:5, Insightful)

      by negRo_slim (636783) <mils_oRgen@hotmail.com> on Thursday March 04, 2010 @04:40PM (#31363148)

      I'm the guy in our household responsible for applying our patches, being an IT professional and all.
      Since we have a "few" computers all around the house, it's pretty much every time I sit down to one I have to apply patches, and usually a reboot to boot. Sometimes, it's a rarely used computer that I grab (laptop) just to get a few quick things done, and it requires multiple iterations of patches and reboots. Sigh.

      I'm the guy in our household responsible for applying our patches, being an part time Web Developer and all.
      Since we have a "few" computers all around the house, I just set Windows Update to download and notify me when updates are available. Providing me convienence and still retaining the ability to opt to not to install a patch.

      Since Win7 got installed on my desktop I rarely have to restart for 99.9% of all day to day tasks, but when something out of left field like patch time comes it's increased speed to the login screen makes it much seem less of a chore having to wait 5 minutes while my PC is being updated.

      And on my gf's laptop with Vista the reboots are slightly more often and and take a little longer.

      But then again I'm on the computer 12 hours out of the day, so 5-10 mins once a week for maintenance really seems to be a non issue.

  • by tjstork (137384) <(moc.liamg) (ta) (ykswordnab.ddot)> on Thursday March 04, 2010 @03:51PM (#31362376) Homepage Journal

    patching for Windows is largely automated...

    Heck, my Linux has patches every day and I kinda see that as a good thing.

    • by fyrie (604735)
      Agreed. Ubuntu prompts me to update every week or so it seems.
    • Re: (Score:2, Interesting)

      by SectoidRandom (87023)

      If you use the computer every day it is not, however if you only turn it on every week or two (like my mother) then expect 30minutes of prompts for different updates!

      • What have you been using? Even windows is smart enough to batch the updates through. And in the rare case that an update depends on another that requires a restart, it'll apply the new update after the restart. So just hit "update" and either walk away or continue working until it prompts for a restart. The only time I've run into an issue is the RARE update that requires a license agreement. Same goes for linux (minus the license part). If you're that concerned about it, install WSUS and let that man
        • by GIL_Dude (850471) on Thursday March 04, 2010 @04:28PM (#31362932) Homepage
          I'm pretty sure he means that Flash will want to update, Adobe Reader will complain, Windows will want to patch itself, etc. For folks using iTunes - it will want to throw down the latest iTunes and Quicktime. Firefox will want to update, etc., etc. ad nauseum.

          The real issue is that Windows doesn't have a centralized update mechanism. Quite frankly the ISV's resisted the idea as they didn't want to have anything seem like Microsoft controlled it. More and more I am leaning towards the belief that Microsoft needs to build a centralized update service and allow ISV's to opt in to it. After they realize they can post their updates without being metered or anything by Microsoft they will find that they don't have to build custom updaters, write services to do it so that they don't have UAC prompts for patches, etc.
          • So basically duplicate the functionality of APT (at least for updates), and let the ISV's run their own repo? So then when you install their product (irregardless of distribution method) it would add their update repo to the list of sources. Then updating windows and all its packages would be as simple as iterating through the repos looking for packages...
        • Re: (Score:3, Insightful)

          by dave562 (969951)

          In my experience the issue isn't with the Windows OS, but all of the applications. On my boxes I have Java wanting an update and Adobe products wanting updates. Firefox seems to want an update pretty frequently. The anti-virus starts to cry if it hasn't been updated lately. I think the point the report is making is that just about every application these days has its own update frequency. You can't manage non-Microsoft patches with WSUS. Even a product like SMS (or whatever they are calling it these d

    • Re: (Score:3, Insightful)

      by natehoy (1608657)

      By and large, patches are a good thing, unless and until they prevent you from getting work done on the machine. Then they become a pain.

      I was constantly frustrated and annoyed by the simple fact that Windows lacks a centralized update system that is open for everyone to use. It's got automated updating, sure, but it's a series of individual solutions per vendor and everyone solves the problem in different ways. And either there's an always-running app in the background (of which I had 15-20 at any given

    • by mcgrew (92797) * on Thursday March 04, 2010 @04:37PM (#31363100) Homepage Journal

      patching for Windows is largely automated...

      When I first installed XP, I set it to "automatic update" and the next day I couldn't get on the internet. Microsoft had replaced my perfectly good network driver with one that didn't work at all. So much for automation; from then on I had it download automatically but installed myself.

      And as a Linux user, you're fortunate (OK, smart) to not have to reboot the damned computer five times for every update. You only have to reboot when the kernel gets patched, so patches don't get in your way very often.

  • by Sowelu (713889) on Thursday March 04, 2010 @03:52PM (#31362390)
    Funny--my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them...I'm pretty much a power user, but I've never been prompted to update something that was remotely confusing. As long as things that need updating have an easy button to push to do it for you, I'm happy--extra bonus points if there's a checkbox in the installer to choose between "update automatically" and "prompt annoyingly when an update is available"
    • by Dice (109560) on Thursday March 04, 2010 @04:00PM (#31362468)

      The real problem in Windows is that all of these software packages have their own independent (and potentially broken) update mechanisms. One thing that modern Linux distros get right is centralized software updates. My Ubuntu laptop has a dialog box waiting for me most mornings that details any software updates it would like to install, and whether or not they are security related. I could tell it to do it all automatically but I like reviewing the changes before I install them.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        But, if everyone used Windows Updates (they can), how could they flog their extra crap? Apple's updater plugs Safari 4 every bloody time. Adobe wants me to install mcafee and other shit. Google has 2 seperate updaters for Talk and the toolbar....

        Of all the updating shit, Windows seems to do it the best. If you leave your PC on all the time, it'll do its update some sunday night at 3am. Otherwise, every week or so the shutdown procedure takes an extra minute. BFD.

    • by BikeHelmet (1437881) on Thursday March 04, 2010 @04:06PM (#31362546) Journal

      Most programs do have such update features. The question is more how well they work.

      When people bring me computers needing a tuneup, usually they have Adobe Reader 8.1.0, Java 1.6.5 to 15 (not 18, the newest), and Flash 10.x (Congrats, Flash. Now if only you had less vulnerabilities)

      This is despite them having auto-updaters. Multiple reboots leads to no prompts. Why aren't the updaters working? No idea - at first.

      At that point I'll check winver and note it's an XP SP2 machine. After updating to XP SP3, suddenly they all work.

      If anyone is having issues managing updates, you might be interested in something like this: http://www.filehippo.com/updatechecker/ [filehippo.com]

    • Re: (Score:3, Interesting)

      by Facegarden (967477)

      Funny--my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them...I'm pretty much a power user, but I've never been prompted to update something that was remotely confusing. As long as things that need updating have an easy button to push to do it for you, I'm happy--extra bonus points if there's a checkbox in the installer to choose between "update automatically" and "prompt annoyingly when an update is available"

      Yeah, i really don't see the issue here. The article makes it seem like the act of "patching" involves *any* work at all, but I generally just need to click "ok" unless its set to automatic. I never really have to do anything. I don't see it as "the user has to patch the machine", I see it as "the machine patches itself" every few days, which doesn't sound nearly as bad.

      Seems like the article is just FUD.
      -Taylor

    • Yeah, "frequency of patches" is a useless metric. "How much time the user loses to software patching" would have made far more sense.

      Developer PROTIP: Unless you've fixed a huge, critical issue, just silently update your program the next time it's shut down. Don't notify me about regular updates, and don't make me manually check for them - I'll forget. And whatever you do, don't make your updater load every time I start my computer.

      • by dave562 (969951) on Thursday March 04, 2010 @04:38PM (#31363120) Journal

        Developer PROTIP: Unless you've fixed a huge, critical issue, just silently update your program the next time it's shut down. Don't notify me about regular updates, and don't make me manually check for them

        Unless you're Microsoft... or Apple... If you're a major software vendor, don't even think about silently modifying your programs without letting the users know. Doing so would otherwise invoke the scorn and wrath of the /. community and other like minded, control freak zealots who see conspiracies behind every action.

    • my Firefox updates when I start it up, my Flash and Java and Adobe Reader update essentially on their own, and Windows updates when I shut it down...Steam updates on its own...Trillian and uTorrent give me a button to push to update them

      So that's 8 'auto-updaters' on your machine. How many resident update/callhome processes would you want to have your average user running? 10? 12? 20? Atleast you use Trillian, some people use both AOL/yahoo/skype IM clients...

  • Ignorant Haters (Score:2, Insightful)

    by Chicken04GTO (957041)
    Yeah its real hard. You do....nothing. (Automatic settings). If you want more control, you can change the settings. More windows-hate circle jerking.
  • Why just Windows? (Score:4, Informative)

    by east coast (590680) on Thursday March 04, 2010 @03:54PM (#31362402)
    I've owned a Droid phone for 5 days now. I've already had to "patch" two of the apps for it out of about 10 apps that I have on the phone.

    By those standards I'd say MS is doing one hell of a fine job.
    • by ashridah (72567)

      Just wait till you install Twidroid! You'll be updating multiple times a day then :)

    • by malakai (136531)

      Pandora's jar was opened as soon as always-online systems became the norm. Software producers can ship code that has been less throughly tested, knowing they can patch or send out an update if they find something. Even console games, the once most ironclad software 4th only to military, medical, and flight software, now ships expecting patches to be available by the time the user gets it installed.

      The good news is we get software more quickly. The bad news is we get software more quickly.

      Luckily, the auto-u

  • by Sycraft-fu (314770) on Thursday March 04, 2010 @03:54PM (#31362408)

    We can manage all those patches for them!

    Seriously, that is what this looks like to me. It is a load of bullshit over all. Reason being that few things actually need patches for security reasons. The OS, virus scanner, browser, browser plugins and so on sure. However a videogame? No probably not. Well guess what? Turns out most of the stuff that needs patching, patches itself. Windows downloads patches and applies them in the middle of the night. Firefox grabs new versions when you surf, and installs next time it starts up. Virus scanners update silently in the background all the time.

    If people actually had to spend time managing patches on all their apps, sure ti might be a problem. However for the most part that isn't the case. In the default config most important apps update themselves.

  • So... (Score:5, Insightful)

    by Xipe66 (587528) on Thursday March 04, 2010 @03:55PM (#31362412) Homepage Journal
    My Ubuntu installation updates and patches way more often than my Windows installs do. Newsworthy? Didn't think so /.
    • by nomadic (141991)
      Yes, was about to say on the patch front Windows is exponentially less annoying than Ubuntu.
      • Re: (Score:3, Interesting)

        by AdamWill (604569)

        the point is that Ubuntu uses one mechanism to provide updates for *all* the software you have installed, as long as you stick to the Ubuntu repos, as is heavily advised and encouraged on all Linux distributions. Windows Update gets you updates to Windows itself, and a few Microsoft applications. For all other applications, you have to use a different mechanism in each individual app, or else you're vulnerable.

        (This is an excellent answer to the typical 'why can't I just double-click on an .exe file?!' whin

        • Re:So... (Score:5, Insightful)

          by copponex (13876) on Thursday March 04, 2010 @04:19PM (#31362778) Homepage

          This is an excellent answer to the typical 'why can't I just double-click on an .exe file?!' whine about Linux software installation, BTW.

          Yes. OS X and Windows desktop market share illustrate why binary installers that work across years of operating system releases are dumb.

          Until the Linux community can get together and hash the installer problem out, you're not only locking out larger developers, but smaller ones as well. Pretending that this isn't a problem is not a solution.

          • Re: (Score:2, Insightful)

            by h4rr4r (612664)

            It is not a problem. Provide source and do not worry about it, or deal with the costs of closed source software.

        • by gringer (252588)

          as long as you stick to the Ubuntu repos, as is heavily advised and encouraged on all Linux distributions.

          I think using Ubuntu repositories on a Gentoo box would be discouraged.

          But I guess your post can also be parsed in a different way (if you ignore the bits between the commas):

          one mechanism to provide updates for *all* the software you have installed... as is heavily advised and encouraged on all Linux distributions.

        • Sylpheed tried to update itself and I said no. The I went to synaptic and looked for the version sylpheed was going to update too and it wasn't there. I suppose some users would accept the update from the application to get a version not available in the repositories.

    • apt-get update

      apt-get upgrade

      Done!

      With Windows I have to keep feeds in Google Reader for apps that don't automatically update so I can go to their individual sites, download the newest installers, run them, change the install paths since they were poorly coded and forgot it, do the same with the start menu shortcuts path, uncheck the options to install spyware, toolbars, and change my search page, and finally I can let it do its thing, but I have to go back to close it later. Then for installers that don't

  • Ya it is completely unreasonable for a home user to check the "Automatic update button" Wait...that is the default option. Even in my Enterprise organization it isnt exactly a pain to setup a WSUS server...

    This just sounds like someone trying to stir up trouble to get attention. Patching is part of life. It is not a pain, it is about as easy of a task as you can have, most home users don't even know they do it.

    • The unreasonable bit is that the "automatic update button" only affects windows updates. Other software handles the update process on its own, imo improperly, because application updates (except for MS applicatiosn) are not integrated into the auto updates.

      Linux is the only one that gets this right, and even there only partially: many proprietary third-party applications simply aren't in the repositories. There really doesn't seem to be a "updates only" repo for any OS, as buy-in would still be difficult

      • by COMON$ (806135)
        a unified update process would be a nightmare though. When it comes to applications I often have to review the update, some "updates" are rushed. With the exception of security updates, most of the time you don't have to worry about an update. Patch whores are just asking for trouble.
      • So you actually think MS should be responsible for pushing out 3rd party application updates? Unreasonable indeed...

        On the up side it would give the haters something else to bitch and moan about. Then we could read articles about MS's "gestapo patch review process", or something similar. Damned if you do, damned if you don't.
    • I didn't know you could add Adobe and Blackberry updates to WSUS, incredible!

  • Honestly, I would be happy if I could use my Windows system for five days without getting a notice to update something. Between Flash, Firefox, Windows Update, and my AntiVirus software, I must see an update notification every 2 days or so!

    Not that Linux or Mac users should be gloating... The software update systems in Fedora and Mac OS X are almost as obnoxious.

  • Linux (Fedora 12) has patches, too. I patch my systems probably twice weekly.

  • by SectoidRandom (87023) on Thursday March 04, 2010 @03:59PM (#31362450) Homepage

    Last year I bought for my mother a new computer, she is quite computer literate but I was shocked to find 3 months after purchasing that she has gotten into the habit of turning it on once a week just to give it an hour to "update itself". That was to allow her to spend 30mins every other week doing her online stuff..

    I literally couldn't or didn't believe it, but then I actually was there one day and watched as all the mostly default installed apps when through their motions of requesting updates. It literally took about half an hour before to computer was usable without something prompting "Do you want to install this update..."!

    In the end I removed some of the crap like Java and the HP printer updater, and told her to turn it on only ever other week for the updates!

    Definitely there is some need to consolidate updates into one program..

    • Re: (Score:3, Funny)

      by Sowelu (713889)
      Or maybe she needs to connect on something faster than dial-up.
      • Or maybe she needs to connect on something faster than dial-up.

        Err, just so you know it is a 10mbit broadband.

        In other words it's not the downloading of the patches that is the slow part it's the 15 different apps attempting to update when they are first used or actually a program that depends on a program that depends on a program that depends on them is used.

    • Or just disable the UPDATERS. No reason why that stuff needs to slow down startup, the app vendors should just do it like Firefox and check when you run it and download silently in the background for you.
  • Let's face it, doing patches this often is like putting mattresses in the hole on the side of the Titanic. It merely delays the inevitable, slightly. We need to rip out the ineffective system we're gotten used to, and to move on [skyhunter.com].
  • by mschuyler (197441) on Thursday March 04, 2010 @04:01PM (#31362476) Homepage Journal

    and I surely do not experience that amount of 'patching.' I also think updating virus signatures shouldn't be considered a 'patch' per se. Those are essentially database records, not bug fixes. Windows gives me updates about once per month. Once in awhile I get an Adobe or a Java update, but the total is nowhere near what these guys are saying.

    • and I surely do not experience that amount of 'patching.' I also think updating virus signatures shouldn't be considered a 'patch' per se.

      I'm with you. I don't know if I'm a "typical" home user, but close enough. If I don't include Windows Defender updates, or anti-virus definitions updates, I get maybe a half-dozen patches a month, with most of those delivered automatically through windows update. Flash isn't updated often, my browser isn't updated often, my games aren't updated often... pretty much *nothing* on my computer is updated as often as the OS.

  • The problem is... (Score:2, Insightful)

    by QRDeNameland (873957)

    The problem, in my opinion, is the fact that patches, particularly Windows Updates, have a track record of breaking things. This leads to a conundrum...automatically update and risk mysterious breakage, or manually update and risk falling behind and being insecure. If you want to make patching less onerous, the first step is to make it as reliable as possible, and then a larger percentage of users will trust automatic updates.

    • Re: (Score:2, Insightful)

      by Beelzebud (1361137)
      Have any examples of a Windows Update "breaking things"?
      • Have any examples of a Windows Update "breaking things"?

        Sure...have at it [lmgtfy.com].

        • Oh, so you can't give me an example of Windows Update breaking something on your machine? A google search is useless, because out of millions of machines with Windows installed there are bound to be people having issues. I'm talking about you personally. I only ask because I've been using Windows for a long time, and I've never had WinUpdate break something on my machine.
  • so what? (Score:2, Insightful)

    by gandhi_2 (1108023)

    not a 7-day span goes by without ubuntu patches it seems.

    it would be better if everything would be more like apple? just ignore problems for months at a time then release large patch sets?

    what the world needs now is another "security expert" interpreting useless data.

    • But those are package patches most of the time. Are you actually using those packages?

      In my case, my most recent batch had a few CUPS updates. If I was retentive about it I'd have removed that whole package from my laptop a while ago since it does not now, nor will in the forseeable future, have a printer attached to it.

  • I think the difference is that with Windows, you have to install updates from Microsoft via one method, updates to Adobe software via another method, updates to Firefox by another method. Lots of things for the user to learn, there isn't just a click one thing and it updates everything.

    My Linux box on the other hand, does have quite a few updates, and requires updating often, but, it's just one interface to update everything, including from third party vendors (i.e. Adobe)

    • What's REALLY annoying is when Adobe is in the middle of updating and Windows reboots to do ITS update, messing up Adobe's.

    • Re: (Score:3, Insightful)

      by Rockoon (1252108)
      This isnt unique to Windows. Its the same on OSX.

      If Linux ever gets a strong software presence, it will have the same issues.

      In Big-O notation, repositories scale linearly with the number of developers making demands of it. Double the number of developers and you've doubled the workload for the maintainers of the repository. The Linux ecosystem needs to double about 15 times (pulled that out of my ass, 32768x) to be comparable in scale with the Windows ecosystem.

      Are the Linux repositories prepared for
  • I don't think I've ever needed to install windows updates twice in a week. Maybe twice in a month if there's a major issue. But that report is counting Adobe Reader updates. Java updates. Firefox updates. That annoying update that tells me I need to ugrade TortoiseSVN from version 1.6.4.12.a to 1.6.4.12.b. Etc.
  • Reboot Patches (Score:3, Insightful)

    by Khomar (529552) on Thursday March 04, 2010 @04:14PM (#31362660) Journal

    I don't really mind patches. They are usually quiet and seamless, working in the background and not interfering with my work.

    The real killers are the updates that require a reboot, and these seem to be on the rise of late. Even worse, these are typically for software that I do not use (IE, Windows Media Player, etc.), but I am required to interrupt my work to reboot my machine so that I can be "secure".

  • World of Warcraft Addons get updated at an insane rate, almost as insane as the rate at which a new WoW update patch breaks many of them.

  • A friend of mine, runs his PC "commando": no virus software, no firewall, no patches, nothing. He's non-technical and assumes he is going to get a virus no matter what he does and it's just a waste of time pricking around with all that stuff, so he just reinstalls Windows about once every two months when it starts running slow from the viruses. Well, it's a daring tactic, but it seems to work for him.

  • The typical home user running Windows faces the 'unreasonable' task of patching software an average of every five days

    Only once every five days? That seems rather mild to me...

    Between Windows, Firefox, Office, Java, Adobe Reader, my antivirus, VLC, Pidgin, VirtualBox, EVE, Songbird, and Steam it seems like I'm patching something on a daily basis. And that's just my home machine.

    Throw in the fileserver at home... My workstation at the office... My work netbook... And the assortment of servers I'm responsible for... And I'm definitely patching something on a daily basis.

  • by gestalt_n_pepper (991155) on Thursday March 04, 2010 @04:33PM (#31363022)

    Windows can patch itself to hell. Firefox and Adobe too, for all I care -

    AS LONG AS THEY DON'T INTERRUPT, STEAL MY FOCUS, PUT UP CRAP ERROR MESSAGES OR REBOOT WITHOUT ASKING!

    There's a portable at home I open only on weekends. Want to guess what happens for the first 30 minutes after I turn it on? Yup. An unusable computer that's *updating* itself. Java. Adobe. Firefox. Firefox *add-ins", Windows, and possibly, the current timeline in which I exist.

    Needless to say, ALL of these want me to agree/disagree, actually *view* their updates, click a modal dialog, or reboot - repeatedly. I really don't care if updates have to happen, BUT KEEP THEM OUT OF MY FACE.

    And don't slow the computer to a crawl. If the update takes all day, do I care? Not if it doesn't interfere with me.

    Computers exist to serve ME. Make the computer wait, NOT ME!

Somebody ought to cross ball point pens with coat hangers so that the pens will multiply instead of disappear.

Working...