Issue TOC Print full article Print this page Download as PDF E-Mail this URL Flame the author     In this article Introduction PatchLink Corp. PatchLink Update 3.0 Other Products Reviewed Executive Summary Why Patch? How We Tested A Heap of Trouble Microsoft's Patch tools: Incomplete Report Card

Patches are released to fix everything from stability and interoperability to virus vulnerabilities. While it's important for your Microsoft Windows XP users to be able to print large paper sizes at high resolution (patch available here), most IT managers agree that security patches are the most crucial--and with good reason. ICSA Labs, a security research and certification organization, recently released its annual virus-prevalence survey. The 300 companies and government agencies that participated had 1,182,634 virus encounters on 666,327 machines during the survey period (January 2000 through August 2001). That's 113 per 1,000 machines per month. Of those that experienced severe incidents, 80 percent required 20 or fewer person-days to recover, while the median response was four days. Estimated direct costs averaged $69,000 per incident. Ouch. And that's just viruses. Obviously, patches and security-rollup packs address much more, including buffer- and heap-overflow vulnerabilities, and other locally and remotely exploitable security issues.