"We've got to install MS17-010; these are serious holes."
"We can't just yet. We've been testing it for the last two weeks; it breaks the shipping label software in 25% of our stores."
But in this case its bollocks. The patch is easy and doesn't fuck too many things.
at $work, we've had the same issue. We have three estates Windows, Linux and some solaris. The Linux estate is patched within hours of upstream fixes. Staged, starting in dev, and bubbling up to prod.
Windows, I've discovered has auto updates turned off. The servers are not in config management, or monitored.
Its not because patching is hard, its because its not seen as important, despite being repeatedly hit with cryptolocker malware.
"We can't just yet. We've been testing it for the last two weeks; it breaks the shipping label software in 25% of our stores."
But in this case its bollocks. The patch is easy and doesn't fuck too many things.
at $work, we've had the same issue. We have three estates Windows, Linux and some solaris. The Linux estate is patched within hours of upstream fixes. Staged, starting in dev, and bubbling up to prod.
Windows, I've discovered has auto updates turned off. The servers are not in config management, or monitored.
Its not because patching is hard, its because its not seen as important, despite being repeatedly hit with cryptolocker malware.
Its just utterly pathetic.