scythe, the only thing we need, in this case, is a service installed and running or a Windows Task running with admin rights for all users.
And that's not going to happen, since MS won't even let standard users run Windows Updates (unless enabled through group policy). I understand their reasoning though. If it's a business environment, some IT Admins like to test the updates first before deploying them to see if they break applications.
It's frustrating, but there's no win-win situation. You either have to go around to every computer manually and update all the third-party software, or give rights to users that they shouldn't have in order for them to do it themselves.
To me, there are only two ways to fix this. Either the third parties need to allow admin creds to be entered as the update runs (so we don't have to log off the current user, log in as admin, install the update, then log off and back on as the user), OR MS needs to integrate at least common third-party software updates, so that admins can authorize them and push them out as needed.
service installed and running or a Windows Task running with admin rights for all users.
Sounds too scary, and if it were exploited, it could cause all kinds of problems. It would work though.