Silent auto-patching coming in Firefox 13
Firefox currently offers an automatic updater but the process is not silent and requires that the end user click to apply the patch after it's downloaded.
With the silent updater, Firefox security patches will be downloaded and installed silently in the background.
Additionally, the "What’s New" page displayed after an update can now be displayed depending if there is important information needed to be displayed to the end user, Nyman added.
Computerword's Gregg Keizer reports that Firefox 13 is due in June 2012. Mozilla currently ships Firefox updates on a six-week cycle.
Google has fitted a silent auto-updater into the Chrome browser and there is word Adobe will do the same for its Flash Player software.
[ SEE: Study: Silent patching best for securing browsers ]
For years, security practitioners have argued against silent patching, warning that end users should know — and consent to — what’s being changed on the machine but, according to a study conducted jointly by Google Switzerland and Swiss Federal Institute of Technology, the silent updaters in browsers enhance security:With silent updates, the user does not have to care about updates and system maintenance and the system stays most secure at any time. We think this is a reasonable default for most Internet users. Further more, silent updates are already well accepted for Internet Web applications.
…Our measurements prove that silent updates and little dependency on the underlying operating system are most effective to get users of Web browsers to surf the Web with the latest browser version. However, there is still room for improvement as we found. Google Chrome’s advantageous silent update mechanism has been open sourced in April 2009. We recommend any software vendor to seriously consider deploying silent updates as this benefits both the vendor and the user, especially for widely used attack-exposed applications like Web browsers and browser plug-ins.
ALSO SEE: