13:20 CET, 11th July 2011 By Secunia.
Organizations could reduce risk significantly by changing patching priorities, according to Secunia
By Tim Wilson
Most enterprises prioritize their security patches by which applications they use most. If most of the users in the enterprise are running Microsoft Word, for example, then that application will move to the head of the line for patching.
In a blog and whitepaper issued this week, however, researchers at Secunia suggested that enterprises could achieve significant security improvements if they prioritize their patches by the severity of the vulnerability instead of the prevalence of the application.
"Many organizations prioritize their patches by selecting the most prevalent or most attacked applications," says Thomas Kristensen, CTO of Secunia. "This is a flawed approach. You should look at criticality and number of vulnerabilities, and use that as your filter."
To read the article in full, visit Dark Reading here.