A few weeks back, a Google Chrome update (https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html) was released with some security concerns that were fixed (https://thehackernews.com/2018/06/google-chrome-csp.html). Our team attempted to use the Software Management VSA to patch our computers the first day the patch hit but we were not able to patch up as VSA did not recognize the update yet. In fact we had to wait 5 days before the Software Management module saw that there was a Chrome update even when forcing scans to run each day.
My questions would be is this normal? Should we be waiting 5 days for a possible serious security patch?
I'd like to know this as well, 5 days is not outlandish in terms of time but I can definitely see more anal-retentive clients being pushy about this in the future since security is the "now" thing.
I already have agent procedures setup for the critical applications like: Firefox, Chrome, Java, Flash, just in case I ever need to shoot one out in an emergency, all I have to do is replace the MSI or install media and I can send it out in 15 minutes.