To reply to my own reply, I can see it will be very hard to dig out of this hole. There are simply too many people invested in MS-centric products. We use Shavlik to automate the patch process so we don't have to spend so much time keeping up on security holes and bugfixes. And it costs money. Symantec AV Corporate costs money. Everybody has a finger in the pie. Meanwhile our linux servers have an average continuous uptimes of over 2 years. The king of uptime hasn't been rebooted since we moved into our new office over 3 years ago. On the other hand, just today I had to stay after hours and reboot ALL of our Windows servers to finish installing patches.