Thanks for the article Steve.
While we know patching is critically important, it's still hard to get it completed.
Some is resistance from DBA's, some from Dev's and some from "we can't reboot servers because clients might be inconvenienced". So less of a technical issue and more politics.
I've worked with DBA's who dragged their feet on patching every...single...month and couldn't get IT management to support me on patching. So again, less technical and more about politics.