With an increasing regularity, vulnerabilities are requiring more than just standard Windows patching.
BIOS changes, firmware updates, and the trade-off between speed, efficiency, downtime vs security.
Most of the issues are in proof of concept stage and whilst vendors have released updates the sheer
volume of machines in some environments makes tackling the issue difficult to say the least.
Is it better to manage the risk and hope for the best, or take the hit and patch "All the things" or a mix of both,
identifying what's most important and doing those first?