Jump to content

Check for Software updates (Software updater)


unknownguy

Recommended Posts

I use a tool that check for new updates for software. And it's not automatic. 

I  would be happy if Malwarebytes can add this into the product. Since old software can lead to be exploited by hackers. I know there is already Anti-Exploit but if people will be reminded to update their outdated software it would be nice. I know people use really old products/software which can lead to exploits. I don't know if other people want this. But I'm an advanced user and know that software need to be updated.

Link to post
Share on other sites

Greetings,

I'm not certain if they will add this feature or not, but it has been suggested in the past and I have noticed that some AVs have this kind of feature now, especially since Secunia stopped offering their free Personal SOftware Inspector (PSI) tool a while back.  There are also a few other alternatives, but I haven't tested any of them to any great degree so I don't know how good any of them are.  That said, it would be a really big job to keep track of all the patches and updates for every software application and OS version out there so I doubt Malwarebytes would ever attempt it as they are far more focused on malware detection, prevention and removal, and their Exploit Protection technology doesn't rely on software being patched as it targets exploits based on behavior so it can guard against vulnerabilities that are both known and unpatched as well as unknown and thus unpatched (i.e. the vulnerabilities that haven't been discovered/reported/patched yet by the software vendors) which makes it a very robust solution in its own right.

That said, PSI was a good tool and I do miss it and I would like to see a viable alternative, I just don't believe it is something that Malwarebytes would ever attempt, however I will provide your feedback to the Product team and it is always possible that they might consider making it happen.

Link to post
Share on other sites

I strongly oppose integrating a software update checker into MWB. MWB should remain focused on its core mission of malware detection, prevention and removal.

Adding an update checker creates unnecessary complexity, added cost, and slows development. Moreover, with this addition MWB moves toward becoming bloatware. BTW, I feel the same way about integrating AdwCleaner and Windows Firewall Control into MWB; create links in MWB to the other two but keep them as separate programs.

I do not understand the need for automatic update checking. I use Software Update Monitor [SUMo, lite=free version]. Daily, at Windows startup I click on SUMo to check for new application updates. No big deal; it's become a habit.

I use SUMo only to alert me to possible updates; I don't need or want any update checker to take over the process of actually updating the software.
Even the best checking software makes mistakes. Some application have unique requirements as part of their update process. Sometimes new updates create more problems than they solve. Recently, one application update resulted in a registry corruption that caused the software to not open; luckily the developer quickly issued a hotfix update. Another developer switched to a subscription model via a .x update resulting in problems for older installations and clamor for clarification from existing users. In a few other cases the update was not appropriate for my version of Windows.

Moral = It's best to check out each update on the developer's website to determine how it might affect my installation before applying the update. This still requires human judgment not artificial intelligence.

C

Link to post
Share on other sites

12 minutes ago, Carson70 said:

I strongly oppose integrating a software update checker into MWB. MWB should remain focused on its core mission of malware detection, prevention and removal.

                                                                                                                    good.gif.7f64986882a4d66360d7da45b625895b.gif

Link to post
Share on other sites

3 hours ago, Carson70 said:

I strongly oppose integrating a software update checker into MWB. MWB should remain focused on its core mission of malware detection, prevention and removal.

Adding an update checker creates unnecessary complexity, added cost, and slows development.

Not to argue that I think Malwarebytes should pursue this as I don't personally believe they should, nor do I believe they would, however it would definitely not slow development or increase complexity.  I can't speculate as to cost, at least for the end user as that would be something for their Executive team and Marketing folks to determine, however if Malwarebytes ever did pursue something like this they would do it the right way by hiring new people to work on it independently of the current Malwarebytes components and they would use the same modular architecture which they have used to integrate all of their other tools/components into Malwarebytes which so far include Web Protection (didn't originally exist in Malwarebytes at the beginning; it's a separate driver/module with its own databases, exclusions and APIs), Anti-Rootkit (a separate engine/driver, again with its own databases and components integrated in such a way that it can be easily enabled/disabled with a single setting for scans), Anti-Exploit which uses its own modules, drivers and DLLs to monitor the system and processes for exploit behavior, completely independent of the primary scan engine and Malware Protection component, and the newest addition, Ransomware Protection which likewise is behavior based, uses its own driver and modules and works independently of all the others.  They also recently added an enhanced heuristics component based on Machine Learning and cloud functionality that can also be enabled/disabled independent of the other components and of course it uses its own databases as well.  My point is that if Malwarebytes ever did integrate something new, including a software updater or anything else, they would follow the same model they have for all of their other modules and components where it would have its own Developers on the backend to work on the drivers and core functions of it and use the Malwarebytes SDK to integrate it with the main product in a modular way so that it does not interfere with anything else, and they would hire on dedicated Researchers to handle maintaining and updating the databases for it just as they do for the other components that use signatures/databases (they have a Web Research team for blocking malicious sites with Web Protection, a general malware Research team for the primary Malware Protection/scan engine, a team focused on new exploits and exploit behaviors to maintain the Exploit Protection component, a low-level/rootkit Research team for analyzing and developing definitions/signatures and new detection and removal methods for the anti-rootkit engine and driver in Malwarebytes, and they have a team that strictly works on the Ransomware Protection component as well).

This has always been their way and it enables them to develop new features and capabilities independent of the main product and test them individually as well (note all the individual/standalone beta sections for the various components in Malwarebytes including one for Anti-Rootkit, one for Anti-Exploit, and one for Anti-Ransomware).  Once each component has been updated, tested and is proven stable it is then integrated into the main product, tested by the QA team along with all the other features in the new build of Malwarebytes and released if proven stable.  If there is an issue the update is pulled and the new version of Malwarebytes ships with the old version of the individual component until it is tested stable and proven ready for release at which point it is either integrated into the primary product for the next major release or pushed out as a component update.

This enables Malwarebytes to be very flexible with regards to new features, functions, capabilities and developments without slowing down the overall progress of the primary product and its release schedules.

I know all of this because I used to be the Product Manager for all of Malwarebytes products at one time and later as the Product Management team expanded I became the PM for the primary Malwarebytes product as well as the Anti-Rootkit component along with a few other Malwarebytes tools/products so I am not speaking in speculative terms here; this is exactly how Malwarebytes works.

Anyway, I just wanted to throw that in just to assure anyone who reads this that regardless of what Malwarebytes may or may not integrate into the product in the future, it has already been engineered to be highly expandable, flexible and modular to allow for new additions without increasing complexity or causing issues with the release cadence of Malwarebytes' main product lines.

Link to post
Share on other sites

@exile360

Thanks for your detailed reply. I take your point about MWB acquiring experts in software updating applications and using a modular development process. Certainly, the complexity is in the software update module alone rather than the entire MWB product. I assume that one initial development decision is whether to limit the update component to alerting the MWB user of available application updates or to offer installation from within MWB. Another choice is how do you streamline keeping track of new updates [and separating them from beta releases].

At least some of the cost would be for Malwarebytes acquiring experienced personnel; another cost would be in maintaining an accurate and up-to-date listing of available updates.

I was aware of your previous role in MWB development and defer to your expertise. Good that you mention it here for those members who were unaware of your previous role with MWB.

I noted your personal opinion that software updating should not be part of MWB. So, I took your reply as a way to clarify the MWB modular development process and to reassure members about any future additional enhancements to MWB.

Thanks again for the detailed explanation.
C

Link to post
Share on other sites

You're welcome.  Yes, those are all valid points and things that the PM and Dev teams would consider and work through if they decided to move forward with such a feature.  It would all be part of their PM documents and product backlog for building out and developing the product and they'd get everything prioritized by 'must-haves', 'nice-to-haves', and 'only implement if there is extra time/space' etc.  Based on what I've observed so far, they would most likely find a smaller company or individual developer who specializes in the area they want to expand in and hire them on/acquire them and their technology, then work on it and have it rewritten to be compatible with the Malwarebytes codebase and integrate it once it is ready.

That's all way down in the weeds though, and ultimately all of these decisions fall to the Product team to consider and get buy-in from the stakeholders if there is an interest in it.

Link to post
Share on other sites

I have been using Adlice Software's UCheck program, the paid version, but there is also a free version, for almost two years.  It is very fast, easy to use, and provides updates for a wide range of programs.  I highly recommend it.

Have a great day.

Regards,
-Phil

HONESTY DISCLOSURE: Adlice Software did provide me with an initial 1-year complimentary licence for the paid version.  When that expired, I purchased a 2-year subscription to the paid personal version for both of my computers.

Link to post
Share on other sites

Sorry for not answering

19 hours ago, exile360 said:

Greetings,

I'm not certain if they will add this feature or not, but it has been suggested in the past and I have noticed that some AVs have this kind of feature now, especially since Secunia stopped offering their free Personal SOftware Inspector (PSI) tool a while back.  There are also a few other alternatives, but I haven't tested any of them to any great degree so I don't know how good any of them are.  That said, it would be a really big job to keep track of all the patches and updates for every software application and OS version out there so I doubt Malwarebytes would ever attempt it as they are far more focused on malware detection, prevention and removal, and their Exploit Protection technology doesn't rely on software being patched as it targets exploits based on behavior so it can guard against vulnerabilities that are both known and unpatched as well as unknown and thus unpatched (i.e. the vulnerabilities that haven't been discovered/reported/patched yet by the software vendors) which makes it a very robust solution in its own right.

That said, PSI was a good tool and I do miss it and I would like to see a viable alternative, I just don't believe it is something that Malwarebytes would ever attempt, however I will provide your feedback to the Product team and it is always possible that they might consider making it happen.

Thanks for your response. Like you are saying I think it's better without an Software Updater. I'm sorry that I don't write so much about this. But I think it's a huge of job to do this.

I remember PSI by secunia. 2.0 was the best product which had so many settings to change and advanced features. Then they updated and released 3.0 which I don't like and other people didn't like. But they didn't force us to use 2.0. Later they forced everyone to use 3.0. I never liked 3.0, no advanced features or settings for a lot of things. Some years later Secunia was bought by other company with no knowledge and then everyone left Secunia.

I have since the new company destroyed everything moved to something named SUMo (Software Update Monitor) by kcsoftwares. It's free, no automatic updates. But if you want to get direct linked to the software site you need to pay for it. Which I think is unnecessary. I think this tool is more for advanced users.

16 hours ago, Carson70 said:

I strongly oppose integrating a software update checker into MWB. MWB should remain focused on its core mission of malware detection, prevention and removal.

Adding an update checker creates unnecessary complexity, added cost, and slows development. Moreover, with this addition MWB moves toward becoming bloatware. BTW, I feel the same way about integrating AdwCleaner and Windows Firewall Control into MWB; create links in MWB to the other two but keep them as separate programs.

I do not understand the need for automatic update checking. I use Software Update Monitor [SUMo, lite=free version]. Daily, at Windows startup I click on SUMo to check for new application updates. No big deal; it's become a habit.

I use SUMo only to alert me to possible updates; I don't need or want any update checker to take over the process of actually updating the software.
Even the best checking software makes mistakes. Some application have unique requirements as part of their update process. Sometimes new updates create more problems than they solve. Recently, one application update resulted in a registry corruption that caused the software to not open; luckily the developer quickly issued a hotfix update. Another developer switched to a subscription model via a .x update resulting in problems for older installations and clamor for clarification from existing users. In a few other cases the update was not appropriate for my version of Windows.

Moral = It's best to check out each update on the developer's website to determine how it might affect my installation before applying the update. This still requires human judgment not artificial intelligence.

C

I don't like bloatware. And the thing about auto update was wrong written by me. Since I prefer check signatures, changes and such I prefer manually downloading. But I use SUMo to check for updates. I don't check every website manually to see if it's an update out. SUMo do it for free for me.

Adding software updater into MB was just a suggestion and such what other likes, but I must agree it will be bloatware.

Link to post
Share on other sites

@unknownguy

I used Secunia PSI and had the same reaction moving from v2 to v3. I have used Patch My PC but found the interface frustrating. In the left pane it lists ALL the applications it covers whether or not they are installed on YOUR computer; updates for your installed software are color coded in red but finding them by scrolling in this long list is a pain. The right pane lists only your installed software, color coded to show new updates. Unfortunately, many listings here only show the CURRENT version number not the new version number forcing you to search through the left pane list. Worse still, on my system completely separate applications were listed on the SAME line -- confusing. Posted on their support forum but received no response; uninstalled Patch My PC.

As I originally said I now use SUMo [lite=free version] exclusively to alert me to new updates.

Be aware that SUMo apparently relies to some extent on community members to alert the developer at kcsoftwares about new updates. Even though I have EXCLUDED listing BETA versions through the settings menu I still receive some BETA version notices. Occasionally, I also receive notice of an update in SUMo when the software developer's website shows no new release.

The paid version offers to automatically update SUMo itself; it also allows users to download new application updates from the kcsoftwares website or from the developer's website. But according to SUMo's user forum the user is sent to the developer's website HOME page and not directly to the DOWNLOAD page. From skimming the forum a few weeks ago it appears this has been a longstanding complaint.

There's also an online service called Ninite that promises to 'Install and Update All Your Programs at Once'. Like Patch My PC it covers several hundred applications.

Like you I am not interested in bulk or batch installing updates and will stick with SUMo lite despite its imperfections to alert me to new application updates. I can finish the remainder of the update process on my own.

Link to post
Share on other sites

  • 9 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.