Those six words can make you shudder. When they are the only text in an email below a link leading to a story about a zero-day exploit or a news flash on CNN talking about stolen personal information or compromised systems your blood will run cold. The only way to fix that problem is through judicious patching.
Patch management isn't fun. It is a lot of painstaking work. You have to test your patches against baselines and ensure that one minor graphical glitch resolution doesn't crater the CRM system. It's gotten to the point where taking care of patches manually is impossible.
Thankfully, operating system manufacturers are tired of being embarrassed by news stories as well. Most modern operating systems have regularly scheduled patch downloads and installations. They go fine for the most part. But what happens when you have to manage those patches across hundreds of systems?
True enterprise patch management systems should give you granular information about patch status and on-demand report generation for stakeholders. You need to be able to answer the above email with a detailed list of affected systems and mitigation status. You need to prove you *did* know about it and you've already fixed it.
Windows Server Update Services won't cut it any longer. You've got to have the ability to generate reports for operating systems, applications, and even mobile devices. Visibility into all aspects of the enterprise are critical. You need more robust tools to fix your problems.
Have you ever gotten the above email? What did you do about it? How did you fix the issue? Were you scrambling to prove you didn't drop the ball?