95 Of Every 100 Windows PCs Miss Security Updates

An anonymous reader writes "From Computerworld today: 'Nearly all Windows computers are likely running at least one unpatched application and about four out of every ten contain 11 or more vulnerable-to-attack programs, a vulnerability tracking company said today.' The new data comes from Secunia's free security-patch scanner the Secunia's PSI. The complete data run-down is available here."

Re:Sounds like like Lunix, OSX

[Architect_sasyr]

I don't know why this was modded flamebait, maybe because the AC says "Lunix". The point *is* about Lusers, that is the WHOLE point. I for one know that the only reason my Mac users update their software is so that they can have the latest and greatest, the Linux guys in the office don't update their software. This is actually good because I rely on exploits to gain remote control over some of those machines which are *technically* out of my jurisdiction. The windows users all update their software regularly. Why? Because I built a WSUS server and FORCE them to via group policy. Fully 85% of them hadn't done a single update till I forced this out (note: only recently stepped into this role, so not my fault!). I know most of them don't do it at home.

Linux users, OS X users, hell even me and my FreeBSD boxes are just as bad. It's a PEBKAC and has nothing to do with what OS you run.

You are happier with WSUS than I was

[JimmytheGeek]

We deployed it at my previous job, for 1100 machines. I found it a huge waste of time with large numbers of machines unable to update, or only partially updating. Almost none were completely updated. Status reports were off, reporting missing patches that I KNEW were on the box (installed manually and verified). I'm pretty sure it reported patches on that weren't. So not only could I not rely on it to do the job, I could not rely on it to tell me where it had succeeded and where it had not. I found it marginally better than nothing, not a solid enterprise ready tool.

It will take MS another 10 years before it's products are enterprise ready. Enterprises use their stuff anyway, but the products aren't ready.