Microsoft: Third-Party Vendors Failing to Patch Flaws
Fifty-five percent of the flaws reported by Microsoft to other vendors go unpatched.
But as Computerworld notes, this is a marked improvement over the year-long stretch through June 2009, when developers patched a paltry 13 percent of the bugs Microsoft reported. Microsoft offered an explanation for the poor patching:
This is not entirely surprising -- in most cases the vulnerabilities ... have been low-level architecture issues that are not easy to resolve, and vendors require considerable time to develop an effective resolution and test it thoroughly.