Sorry, that's not the case. I'm not happy about this month's load of patches, but there are perfectly good patch management solutions out there that can manage multiple vendors and products with ease. I've had pretty good luck with Patchlink, and expect that in the next day or so I'll have a reasonable amount of information to go through to determine what needs to be patched. And when I have a question I know I can contact someone there to get more specifics.
I think what a lot of people don't like is that there's not a *free* patch management solution that is as effective as some of the paid ones (such as Patchlink). But that is a complaint based on price, not on availability. There are working solutions out there, it's just that many of the good ones often cost money. As an enterprise user I need the resources and continuity that a commercial product can contractually provide.
As for package management as it relates to Windows, that's different than patch management. The benefit that an OS like Ubuntu brings to the table is a dead-simple updating mechanism that can cover multiple products. It can be used to roll out patches, sure, and it is. But it is also used intensively for rolling out cursory product updates which have more to do with bug fixes than security flaws. Is that because Ubuntu or other Linux flavors are more secure? Probably - but a lot of that also comes down to market share more than programming quality.
One way or the other, the statement that patch management is a total nightmare isn't the case - it just depends on the approach and purchasing priorities that you set.
Disclosure: I don't work for nor have I ever worked for Lumension, and I haven't received anything (and won't) for posting this.