Another day, another security bulletin. Today PatchLink assaults us with its top three security concerns of IT professionals worldwide, with zero-day vulnerabilities in first place, hackers in second, and malware/spyware a hair's breadth behind in third.
IDC's research director Charles Kolodgy tells us that these zero-day attackers are trying to exploit such vulnerabilities "before they can be fixed". As opposed to exploiting them after they've been fixed.
There is some actual news hidden in the report, though: IT managers are reacting faster to emergency patches than they did in 2006, with 29% of organisations deploying critical updates within two hours during 2007 compared to only 14% in 2006.
This led to only 1% of IT boffins believing they were less secure in 2007 than they were in 2006.
The report also reveals an authoritative, domineering side to respondents' managerial styles - 'controlling user behaviour' was the highest-ranking challenge to vulnerability management, with 66% of respondents spending more than an hour each day monitoring security and IT consoles, administering agents and updating security policies.
The report concludes with a warning that we need "continuous protection", followed by a nudge, a wink, and a reminder of PatchLink's recent security software acquisitions.