:: Deepquest ::

Top security officers warned on Tuesday that patching software flaws is still far too difficult, with many companies left vulnerable because they are lagging behind on applying critical updates.
Vulnerability assessment firm Qualys supported the statements, made during a panel discussion at the RSA Security Conference, with data culled from monitoring its clients’ networks. The data, collected over two years, shows that it takes a month to cut by half the number of vulnerable computers connected to the Internet.
poor admins, patching is so difficult >:-) diff is more difficult than windowsupdate?

That’s far too long to wait to fix the worst security flaws, said Gerhard Eschelbeck, chief technology officer and vice president of engineering for Qualys.
The data and concerns spotlight a constant source of pain for corporate security professionals: Much of a company’s security relies on patching software flaws, but applying such fixes to critical systems takes time, leaving the systems vulnerable. The large number of systems vulnerable to the Slammer worm, which took advantage of a six-month-old flaw, underscores the issue, as does the MSBlast epidemic last August.

more from [url=http://news.com.com/2102-7355_3-5164650.html?tag=st.util.print]News dot com[/url]