Getting Updates

We’re still in a world where you have to be interested and involved in order to keep your computer updated.
Rod Trent of MyitForum complained last week that he didn’t get notified of a needed Adobe Reader update until he actually opened Adobe Reader.
It is a problem. If you don’t use the application, you don’t get notified of an update. In many cases you’re still vulnerable just by having the software installed. Those in security might say “if you’re not using it uninstall it.” That doesn’t seem practical to non-security people. Some might say, “the application leave a service running to notify me of updates”. Is that what we really want? I dont want my applications to leave an updater running all the time. I kill most autolaunches when I’m packaging software.
Firefox prompts for updates when it is used. They brag that it is the most updated browser. That’s because the people doing the checking were looking at Google search logs which only collected information from people using the browser. If they used the browser they were thus prompted to update.
One solution I push is the Secunia Personal Software Inspector. Its one application that checks all (most of) your software for vulnerable or obsolete versions. While its not perfect for the non-computer literate, it would be a great option for someone like Rod who knows computers well, but might not remember that Adobe Reader is installed and needs to be updated.
I will say that Secunia’s online scanner was completely botching the Adobe Reader detection when I looked at it earlier this week, but the installed software version was working correctly or at least not broken in the same way.