Interesting report from Brian Krebs over at the Washington Post. He compiled statistics on how long it took some of the major software vendors to issue patches for security flaws in their products, starting with IE. In a vacuum though this information isn't terribly helpful except to remind people to continue vigilance, but I look forward to more reports on different products and vendors so that they can be compared.