Exploring User Perspectives on Prioritizing Security through Software Updates

Abstract: Security vulnerabilities can put users at risk if they do not promptly install necessary security updates. To minimize risk, software developers regularly release security updates that address known or potential vulnerabilities. However, previous studies have revealed numerous reasons why users may not adopt software updates. Additionally, the National Vulnerability Database (NVD) demonstrated that not all types of software are equally vulnerable to security breaches. Therefore, this study investigates users' perceptions of software updates while delving into the complex realm of human behavior, uncovering which type of software users prioritize when considering updates. This study also explores to what extent the users trust these software updates.To gain a comprehensive understanding of users' perspectives on software updates, we conducted a survey consisting of questions designed to uncover valuable insights into individual behaviors, attitudes, and preferences related to performing software updates. The questionnaire featured a list of seven categories of software, such as web browsers, multimedia players, and antivirus software. The participants ranked their preferred software categories for security updates. Our survey asked users about their trust in software updates for improving security. We collected user attitudes towards software updates to offer insights to developers, analysts, and users. Out of the 63 volunteers, 48 provided complete responses for us to analyze. The group had a nearly equal split of males and females (54.17% and 45.83%, respectively), with most being between 26 and 34 years old and having a higher level of education. All participants spent at least one hour per day on the computer.Our analysis shows that around 29% of the respondents prioritize antivirus updates when making decisions about which categories of software to update for security. Additionally, approximately one quarter (26%) prioritize updates to the operating system, and approximately one in five respondents identify web browsers as significant for maintaining a secure infrastructure. Notably, only 3.52% of the participants consider multimedia software updates important. We also observed that around half of the respondents (48%) believe that updating software can enhance the security of their system. However, these users do not fully trust on software updates. In contrast, 16% of users rarely or never rely on software updates. Moreover, approximately 40% of users have had negative experiences and were hesitant to apply software updates, which is likely a significant reason for their reluctance to depend on software updates.In conclusion, these findings highlight user preferences and factors that influence their decisions regarding which software categories they prioritize for updates based on security considerations. Users prioritize software that is essential or requires updates to run the system, such as OS updates. Furthermore, many users do not believe that updates can improve security due to past negative experiences. Achieving higher adoption rates of software updates remains an open challenge due to a persistent lack of trust. To improve security through software updates, it is not enough to progress only on the technological front; it is also essential to develop more effective strategies to make the updates reliable and win the trust of users.

Keywords: Software Updates, Cybersecurity, Human Factors, Trust, Human Behavior

DOI: 10.54941/ahfe1004772

Cite this paper:

​