Software updates are essential to enhance security, fix bugs, and add better features to the existing software. While some users accept software updates, non-compliance remains a widespread issue. While some users accept software updates, non-compliance remains a widespread issue. End users' systems remain vulnerable to security threats when security updates are not installed or are installed with a delay. Despite research efforts, users' noncompliance behavior with software updates is still prevalent. In this study, we explored how psychological factors influence users' perception and behavior toward software updates. In addition, we investigated how information about potential vulnerabilities and risk scores influences their behavior. Next, we proposed a model that utilizes attributes from the National Vulnerability Database (NVD) to effectively assess the overall risk score associated with delaying software updates. Next, we conducted a user study with Windows OS users, showing that providing a risk score for not updating their systems and information about vulnerabilities significantly increased users' willingness to update their systems. Additionally, we examined the influence of demographic factors, gender, on users' decision-making regarding software updates. Our results show no statistically significant difference in male and female users' responses in terms of concerns about securing their systems. The implications of this study are relevant for software developers and manufacturers as they can use this information to design more effective software update notification messages. The communication of the potential risks and their corresponding risk scores may motivate users to take action and update their systems in a timely manner, which can ultimately improve the overall security of the system.

翻译：软件更新对于增强安全性、修复漏洞以及为现有软件添加更优功能至关重要。尽管部分用户接受软件更新，但不遵从行为仍是一个普遍存在的问题。当安全更新未被安装或延迟安装时，终端用户的系统将持续面临安全威胁。尽管已有研究努力，用户对软件更新的不遵从行为依然盛行。在本研究中，我们探讨了心理因素如何影响用户对软件更新的感知与行为。此外，我们调查了关于潜在漏洞和风险评分的信息如何影响其行为。随后，我们提出了一个模型，该模型利用美国国家漏洞数据库（NVD）中的属性，有效评估延迟软件更新所关联的整体风险评分。接着，我们对Windows操作系统用户进行了一项用户研究，结果表明，提供不更新系统的风险评分及漏洞信息能显著提高用户更新系统的意愿。此外，我们考察了人口统计因素（如性别）对用户软件更新决策的影响。我们的结果显示，在关注系统安全方面，男性与女性用户的回应无统计学显著差异。本研究对软件开发者和制造商具有实际意义，他们可利用这些信息设计更有效的软件更新通知信息。传达潜在风险及其对应的风险评分可能促使用户采取行动并及时更新系统，从而最终提升系统的整体安全性。