Dear Microsoft: One Central Update Framework

by Bob Plankers on January 6, 2011 · 10 comments

in Dear Vendor,System Administration

Dear Microsoft,

I really like Windows 7. A lot. It’s most of what I was looking for in Windows Vista, and a worthy successor to Windows XP. You left one big thing out, though.

I have, beyond Windows itself, at least 28 applications that automatically check for updates:

Adobe Acrobat, Adobe AIR, Adobe Flash, Adobe Photoshop, Adobe Illustrator, Adobe Lightroom, Apple iTunes, Apple Airport, Apple MobileMe, Apple Safari, Autopano Giga, Piriform CCleaner, Piriform Defraggler, Dell Client System Update, Evernote, Google Chrome, Metageek inSSIDer, Oracle Java, Last.fm, LogMeIn Hamachi, Microsoft Security Essentials, Mozilla Firefox, Mozilla Thunderbird, Skype, Tweetdeck, uTorrent, VanDyke SecureCRT, and VLC Media Player.

My life is one big parade of pop-ups, warnings, toolbar installation offers, and auto-updaters. Would I like to check for updates? No. It’s been 30 days since I last checked for updates. Neat. Would I like to install the Ask.com toolbar? Absolutely not. You need to reboot to finish the installation. Twenty. Eight. Times.

It feels like a full time job keeping up with updates, and it really isn’t the job I’m paid for. On top of it, the constant stream of downloads and the interruptions from reboots and warnings and pop-ups is intolerable. I’ve always been hoping you’d build a central update console for Windows that I can execute once a week, and have it just take care of everything on my machine for me, all at once. If I have Adobe Acrobat installed it could check with some central facility of Adobe’s, download the update, and silently apply it. Likewise for the other 27 applications. Security patches, point releases, BIOS updates – everything could go through this. And if I can schedule it to run on at odd hours it could just take care of everything for me. Need to reboot for a new BIOS, or to replace open files? Go ahead, I don’t care. I’m sound asleep.

You wouldn’t have to run any software depots, just check whatever HTTP-based depot an application registers with you. You could also have different classifications of updates, and act differently if a vendor classifies an update as an urgent security matter, versus a general update. If you wanted to, you could tie it into something like WSUS and let people run their own depots. But honestly, if you just did something to centralize and standardize the act of updating, and then encouraged software providers to use it, it would be the single biggest system maintenance timesaver you’ve ever created for end users. Software vendors would like it, too – it’s code they wouldn’t need to write and maintain, and it improves the end user experience for them, too. Win – win.

Just think of all the good this would do. Not only would it be convenient for guys like me, it would also be great for most of your end users. My mother might actually keep some of the stuff on her PC up to date, for instance. That’s good for you, because people like my mother don’t care that Adobe software has a security vulnerability. All the average end user knows is that their computer got hacked, and it runs Microsoft Windows. After all, Apple runs whole ad campaigns, and bans particularly heinous software from their mobile platforms, based on this fact.

So please, do this for me in Microsoft Windows 8. After all, I’m Bob Plankers, and I’m a PC.

{ 9 comments }

jason eric jensen January 6, 2011 at 9:43 AM

Cheers to this post my friend. Windows’ Automatic Updates are among the most annoying user experiences of all time. Marc Benioff,CEO of Salesforce.com, was just talking about literally the same thing at Dreamforce this year. Salesforce rolls out 3 comprehensive updates a year. Yes, they come at a bad time. Yes, they take an entire workday to roll out. Still – beats rebooting 28 times! I also agree that users don’t keep up with updates and was astounded doing some Office 2010 upgrades around work recently to learn that many of our org’s users were still on SP2. Windows 7 is pretty damn sweet and definitely way better than XP, but there are still many reasons to question the motives and actions of the Microsoft-Industrial-Complex.

meanasspenguin January 6, 2011 at 10:50 AM

I think we can safely assume that this is never going to happen. If you’re sticking with windows (over a linux distro with central software repositories and customizable update schedules), then the best policy is to shut off all automatic updates and just push out updates with an administrative tool like PDQ Admin or FOG snap-ins. Of course, if you’re not in charge of IT then this is moot and your agony will likely continue into the foreseeable future. ::sadface::

John D January 6, 2011 at 11:04 AM

WPKG is pretty good for pushing out updates too. Their wiki has a lot of details on disabling automatic updates for various packages, even if you don’t use WPKG.

Gavin January 6, 2011 at 3:19 PM

I think one of the major obstacles to this is the differing installer packages that vendors use. We are forced to repackage so many apps to get them installing /uninstalling with SCCM (for example). If they all use msi/mst/msp for deployment ( and did it properly) it properly, windowsupdate would be a viable solution.

Cheers

Gavin

Gavin January 6, 2011 at 3:20 PM

Also, SCUP (part of SCCM) can do this also. Dell and HP allow you to deploy their updates using “WSUS” with SCCM.

Tim January 7, 2011 at 1:22 AM

This is why I was ecstatic at the rumors that Microsoft was considering purchasing Adobe. Add Adobe updates to WSUS and you’ve solved 95% of my patching needs. (Users don’t have admin access, so they can’t patch themselves, and my employer is too cheap to buy SCCM.)

Peter Van Geem January 7, 2011 at 7:42 AM

There’s already a freeware soft that does this more or less: Secunia’s Personal Software Inspector
http://secunia.com/vulnerability_scanning/personal/
Enjoy while it lasts :-)

Bob Plankers January 7, 2011 at 11:15 AM

@Peter — I originally was going to disagree that Secunia PSI didn’t do that, but it looks like the new version (way newer than what I had already) does do that. Cool.

Mirco June 27, 2011 at 5:06 AM

I know all these tools, or at least most of them, and still they require me to check or select new packages on my own. I really liek Windows Update for not having to do anything to install the latest security updates on my system.

Getti rid of all these updaters and helpertools, that do nothing but cramping up my systems memory for most of the year would be awesome, to say the least.

Comments on this entry are closed.

{ 1 trackback }

Previous post:

Next post: