Ever since the I Love You (ILoveyou) worm hit the Internet in May 2000 and the Nimda worm hit the Internet in September 2001, patch management has become a very important part of maintaining network security. Those worms revealed the importance of patch management because it was vulnerabilities in Windows that had allowed the worm to spread so fast around the world, and Microsoft had released patches for these vulnerabilities several months earlier.
At the time, patching an operating system was a very labor-intensive task. Windows Update was available, but you still had to run it manually on each machine that needed updates. This meant connecting to the Internet, which was really too dangerous for corporate networks ...