Citation[]
Government Accountability Office, Information Security: Continued Action Needed to Improve Software Patch Management Processes (GAO-04-706) (June 2004) (full-text).
Overview[]
This report assessed the (1) reported status of 24 selected federal agencies in performing effective software patch management practices, (2) patch management tools and services available to federal agencies, (3) challenges to performing patch management, and (4) additional steps that can be taken to mitigate the risks created by software vulnerabilities.