Unfortunately, for all organizations, patch management is not going anywhere. It has been around since the release of the operating system and the use of applications. No release is ever the ›nal release. Patch management has been getting publicity for a few years now. Organizations still are not prepared, and there is still a lack of implemented patches on systems. Attempts have been made to rely on a tool for all patch management needs, but this reliance is futile. Now organizations are again looking to update, modify, or implement a patch management process to protect its environment from the threat of an ever growing number of exploits. Sometimes, the most di®cult hurdle is determining how to approach a patch management process.