Tag Archives: Patch Management

Patch Problems: How to Manage the Tidal Wave of Security Fixes

by Bharat Mistry

The recent public dispute over vulnerability disclosure between Google and Microsoft threatened for a few weeks to catapult the humdrum topic of patch management into mainstream discourse. And while Google seems to have diffused the tension somewhat by agreeing to add a fortnight’s “grace period” onto its 90-day disclosure time frame, huge challenges remain. But most of the conversation thus far has been focused on whether the vendors are being given enough, or too much, time to patch flaws. We should more properly be asking: “What about their customers?” Continue reading