An empirical analysis of the patching challenge faced by the average private user
- Stefan Frei, Thomas Kristensen
In this paper, we examine the software portfolio of the average user based on empirical data from over two million users frequently scanning their systems with Secunias Personal Software Inspector (PSI). Our analysis demonstrates, that the complexity and frequency of the actions required to keep a typical end-user system secure, most likely exceeds what users are willing, and able to invest. We classify typical software portfolios, and provide a tool for the community to estimate their individual security exposure and patch complexity. Our data demonstrates the need for coordinated patch solutions capable to update programs from diverse vendors, in order to protect end- users at global scale.