Hey,



False Security

Patches cannot be relied upon to deliver effective front-line security, because they simply aren't applied in a consistent, effective and timely fashion. Indeed, many industry best practices preclude applying patches in an ad hoc manner: changes to production environments need to be tested and proved safe before deployment. This frequently leaves a large window of opportunity when a vulnerability can be maliciously exploited.

Moreover, it's all too easy for more important deadlines, issues or simply the crisis du jour to interfere, potentially pushing the fix forever to the bottom of the list and leaving your systems perpetually vulnerable.

Full story here

Just thought it would be of intrest and if anyone might have some thoughts