I see Secunia quoted as saying "Failing to do so is playing Russian Roulette with your IT security ? it is only a question about time ? and luck ? when your system will be compromised."
Yes, patching is an important part of a defense-in-depth strategy, but considering the "stopping power" of certain mitigations, such as a disallowed-by-default Software Restriction Policy combined with a low-rights user account, they're getting a little carried away with the sweeping generalizations. Dramatic, but not accurate.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
