Many users don't update to the latest version of the software on their computers because they're not sure the updates are safe or remain unconvinced that any new features will be useful.
Those are among the findings in an online survey of users in the U.S., U.K., and Germany by Skype, Adobe, Norton, and TomTom timed to coincide with last week's International Technology Upgrade Week (ITUW). About 40percent of the respondents -- 42percent in the U.S., 41percent in the U.K., and 37 percent in Germany -- admitted they don't upgrade software when they should.
[ Prevent corporate data leaks with Roger Grimes' "Data Loss Prevention Deep Dive" PDF expert guide, only from InfoWorld. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
The survey found that most respendents want the safest version of their software, but don't always trust on-screen reminders, thinking they might be scams from hackers that contain malware.
Those concerns are well founded, according to Paul Ducklin, writing on the Sophos Naked Security blog. He said cybercriminals know that many users will eventually respond to multiple upgrade prompts.
[See also: 10 commandments of Windows security]
"It's one of the reasons that fake anti-virus software keeps pestering you with warnings, and why the support call scammers phone over and over again to try to coerce you into paying for their fraudulent help," Ducklin wrote. "Don't agree to upgrade or update just because you're nagged about it."
Still, he and others in the security industry say it's important to stay current with security patches, even if they include features users don't like. And skeptical users who fear an update might be fake can visit a vendor's website and download the update from there.
Beyond security concerns, users are not always impressed with what vendors pitch as "cool new features" in upgrades. A quarter of survey respondents saw no benefit in an upgrade and about the same percentage said they don't even understand what some upgrades will do. One in five respondents worried that the update would slow down their computer, and 18percent feared new versions of their software might have bugs.
Chester Wisniewski, senior security adviser with Sophos, is sympathetic. "Sometimes really big companies do some really stupid things," he said. "If you download Adobe Flash Player from the updater and not the website, it bundles other stuff with it. If you update Java, you get Bing in your toolbar. When companies start bundling crapware, people do get resentful."
Indeed, some of the readers commenting on Ducklin's blog post are openly resentful of vendor upgrades. There are too many smarmy companies that want to update their software and drop all kinds of junk on unsuspecting users," said one identified as Internaut. "For most people, they don't have a[n] idea what they should do with 'Custom installation,' so [they] opt for the 'Express' method where they end up with yet another toolbar...."
Other installers add "third-party company's [sic] junkware by installing their free icons, smileys, wallpapers," Internaut argued.