I would like to read an article about whether or not an up-to-date anti-virus is going to protect users (how and why) as a lot of IT people defend that position.
But that's the catch: I am not convinced AV vendors have the resources, the complete knowledge and the access to Windows inner workings to fill in MS role.
And what about the legal rights ? Would they be allowed to patch a security kernel breach, or a lib, made up of closed proprietary code in binary format (an extreme and unlikely case but that's what I read when IT people tell users "we'll just use an anti-virus to circumvent the lack of MS updates") ?
