Re: So...
"So you don't run any non-FOSS on your Ubuntu box? To my knowledge no non-free software is available from repositories."
I see from other replies that it is already too late to avoid this logical detour, but...
Firstly, what's currently available does not limit discussion of what would solve the problem described in the article. I can't see any technical or business reasons why non-FOSS updates can't use the same distribution mechanism as FOSS updates. As others have pointed out, the Linux repository system is all GPL-ed, and *surely* Adobe and Apple between them (to name but two interested parties) could support a public Windows port.
(Truth is, they don't care. They haven't yet twigged that security is an issue. They're about ten years behind Microsoft in this regard. Astonishing, really, but I can't see any other explanation that fits the facts. It would just be *so* *easy* to do much better than they do at present.)
Secondly, just as an example, VirtualBox includes non-free-as-in-speech components, but I pick up updates from Oracle's repositories.
Thirdly, I suspect you will find that the main offenders identified by Secunia are free-as-in-beer applications like the Flesh Player and ArseOverTit-Bat.