Insecurity outfit Secunia has counted on its fingers and divided by its shoe size and worked out Windows users have to patch one every five days.

Thomas Kristensen, the chief security officer of Secunia said that it was “completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching." He claims that few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack.

This was news to us as the patching task is mostly automatic on Windows machines and most users don't think about it.However that was not just Windows vulnerabilities but rather patches for third party software which also needs to be updated. Secunia based its information on reports of the users who ran the company's Personal Software Inspector (PSI) the last week of January.

It found that half had 66 or more programs from 22 or more different vendors on their machines. PSI is a free tool that scans PCs to produce a list of vulnerable software, but does not itself initiate updates. Instead, users are directed to the appropriate vendor patch site.

Secunia determined that the typical user faced nearly 300 vulnerabilities during the year, and with the number of vendors represented on the PC, had to deal with approximately 75 patch incidents annually.