Patch management: tech or process is the bottleneck?

by Anton Chuvakin

Related link:

This fun piece looks at the following curious security issue: is patch management simple or complicated. I've seen people say its very simple ('just set Windows Update to On') or horribly complicated ('we have a staff of 10 and they are overworked just doing patches'). Why is that? This article affirms that patching Windows in Windows-only environment is actually pretty simple. Patching Unix is not too hard also. However, the author claims that when people aim for an ambitious multi-platform patch solution to "patch everything", all hell breaks loose and complexity reigns supreme...