I've yet to see a good Linux/Unix distribution that offers centralized patch management in an easily administered manner to compare with WSUS.
Kernel issues still require a reboot.
Kernel issues do not always require a reboot.
Most of the time you can have a run-time patching within a separate LKM (Loadable Kernel Module).
Check this out for some more info about run-time patching
is there anything that you can name that can do more than Linux?
Easy, Chuck Norris!
It would be quite an accomplishment to introduce a remote exploit directly in the kernel.
Here you go : that's not that hard to achieve (well, it is, but that's not impossible) : http://dvlabs.tippingpoint.com/advisory/TPTI-06-02 (Driver BO will run on kernel-mode obviously), so remote BO's on kernel side are not that never heard of.
"Two researchers, Dan Kaminsky and Moxie Marlinspike, came up with exact same way to fake being a popular website with authentication from a certificate authority."
Here's what happened : Moxie Marlinspike found this and sent his boss a message through his website, but the problem was, Mr. Kaminsky had tried his DNS poisoning on that website and all the traffic went through Kaminsky. Kaminsky afterward declared that he had found a way to do it
Of-course I'm j/k but Dan is a genius and can do it
"The hands that help are better far than the lips that pray." -- Robert G. Ingersoll