
Michael Howard's Web Log

A Simple Software Security Guy at Microsoft!
Insecure 3rd party software updaters
Gotta love Robert's sarcasm... but he's right.
Posted: Tuesday, July 29, 2008 12:51 PM by michael_HOWARD

Comments

Marc said:

And you should blame Microsoft for not opening auto-updates to products other than Microsoft ones.

Why isn't WinZip (I am not speaking about competing products like OpenOffice) allowed to use a secure and robust update mechanism instead of using a home-made one?

Responsibility is not an answer; we are used to clicking on disclaimers when installing stuff, aren't we? One more disclaimer to accept an update from an "untrusted" (read: non-MS) source wouldn't be a problem.

# July 30, 2008 7:04 AM

securology said:

Hmm. Robert may be correct, but digital signatures by themselves do not make a secure update mechanism, unless there is a time-bound sensitivity associated with the signatures (and it would have to be a very finite amount of time at that). Read more here: http://securology.blogspot.com/2008/08/package-managers.html

# August 9, 2008 9:46 AM
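The time-bound point in the comment above, as an added example that is not part of the original post, the commenter's article, or any vendor's updater: a hypothetical signed update manifest in which the Ed25519 signature covers not just the payload hash but also an expiry time and a version number, so that a genuinely signed but stale manifest is rejected by the client rather than replayed to hold users on an old release. The manifest format, the type and function names, the product name "exampleapp" and the installer bytes are all constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Manifest is the metadata an updater fetches before downloading a payload.
// Every field is under the signature, including Expires, so a signed manifest
// is only valid for a bounded window (hypothetical format, not any vendor's).
type Manifest struct {
	Product    string `json:"product"`
	Version    int    `json:"version"`     // must strictly increase
	PayloadSHA string `json:"payload_sha"` // hex SHA-256 of the installer bytes
	Expires    int64  `json:"expires"`     // unix seconds after which the manifest is stale
}

// SignedManifest carries the exact bytes that were signed; the verifier
// checks the signature over those bytes and never re-serialises first.
type SignedManifest struct {
	Manifest  []byte
	Signature []byte
}

var (
	ErrBadSignature = errors.New("manifest signature does not verify")
	ErrWrongProduct = errors.New("manifest is for a different product")
	ErrExpired      = errors.New("manifest has expired")
	ErrRollback     = errors.New("manifest version is not newer than the installed one")
	ErrPayloadHash  = errors.New("payload hash does not match manifest")
)

// NewManifest builds a manifest for payload that is valid for ttl from now.
func NewManifest(product string, version int, payload []byte, now time.Time, ttl time.Duration) Manifest {
	sum := sha256.Sum256(payload)
	return Manifest{Product: product, Version: version,
		PayloadSHA: hex.EncodeToString(sum[:]), Expires: now.Add(ttl).Unix()}
}

// Sign serialises the manifest and signs the serialised bytes with the
// vendor's (assumed offline) Ed25519 key.
func Sign(priv ed25519.PrivateKey, m Manifest) (SignedManifest, error) {
	b, err := json.Marshal(m)
	if err != nil {
		return SignedManifest{}, err
	}
	return SignedManifest{Manifest: b, Signature: ed25519.Sign(priv, b)}, nil
}

// Verify is the client-side check. Order matters: nothing in the manifest is
// trusted before the signature passes; then freshness, then rollback, then
// the downloaded payload is bound to the manifest.
func Verify(pub ed25519.PublicKey, sm SignedManifest, product string, installed int, payload []byte, now time.Time) (Manifest, error) {
	if !ed25519.Verify(pub, sm.Manifest, sm.Signature) {
		return Manifest{}, ErrBadSignature
	}
	var m Manifest
	if err := json.Unmarshal(sm.Manifest, &m); err != nil {
		return Manifest{}, err
	}
	if m.Product != product {
		return m, ErrWrongProduct
	}
	if now.Unix() > m.Expires {
		return m, ErrExpired // validly signed, but past its window: refuse it
	}
	if m.Version <= installed {
		return m, ErrRollback
	}
	sum := sha256.Sum256(payload)
	if hex.EncodeToString(sum[:]) != m.PayloadSHA {
		return m, ErrPayloadHash
	}
	return m, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	payload := []byte("constructed installer bytes") // constructed sample
	now := time.Now()
	sm, _ := Sign(priv, NewManifest("exampleapp", 2, payload, now, time.Hour))
	_, err := Verify(pub, sm, "exampleapp", 1, payload, now)
	fmt.Println("fresh manifest:", err)
	_, err = Verify(pub, sm, "exampleapp", 1, payload, now.Add(2*time.Hour))
	fmt.Println("same manifest two hours later:", err)
}
```

The short TTL is what turns a signature into a statement about "now" rather than "ever": the vendor re-signs a manifest for the current release on a schedule, and a client that is only ever shown an old manifest will stop accepting it once the window closes, which is the condition the comment is describing. The version check closes the companion rollback case, where a signed manifest for an older release is presented to a client already on a newer one.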