ABSTRACT
Effective testing of patches before deployment to a production environment cannot be overstressed. If the business environment is disrupted because of non-tested patches applied to production systems, the question that should be asked is: What is the difference between a worm attack or security breach that disrupts my operation and self-inflicted downtime from deliberate patching, all of which has the same end result?
