Secunia says
that is unreasonable
Insecurity outfit Secunia has counted on its fingers and
divided by its shoe size and worked out Windows users have to patch one every
five days.
Thomas Kristensen, the chief security officer of Secunia
said that it was “completely unreasonable to expect users to master so many
different patch mechanisms and spend so much time patching." He claims that few consumers devote the time and
attention necessary to stay atop the patching job, which leaves them open to
attack.
This was news to us as the patching task is mostly automatic
on Windows machines and most users don't think about it.However that was not
just Windows vulnerabilities but rather patches for third party software which
also needs to be updated. Secunia based its information on reports of the users who
ran the company's Personal Software Inspector (PSI) the last week of January.
It found that half had 66 or more programs from 22 or
more different vendors on their machines. PSI is a free tool that scans
PCs to
produce a list of vulnerable software, but does not itself initiate
updates. Instead, users are directed to the appropriate vendor
patch site.
Secunia determined that the typical user faced nearly 300
vulnerabilities during the year, and with the number of vendors represented on
the PC, had to deal with approximately 75 patch incidents annually.