Patching 'still too difficult'
It takes a month to halve the number of computers affected by a new security hole, according to network-monitoring data. Top security officers warned on Tuesday that patching software flaws is still far too difficult, with many companies left vulnerable because they are lagging behind on applying critical updates. Vulnerability-assessment firm Qualys supported the statements, made during a panel discussion at the RSA Security Conference, with data culled from monitoring its clients’ networks. The data, collected over two years, shows that it takes a month to cut by half the number of vulnerable computers connected to the Internet. That’s far too long to wait to fix the worst security flaws, said Gerhard Eschelbeck, chief technology officer and vice president of engineering for Qualys. Full Story