Comment Re:the danger isn't immediately afterwards (Score 1) 117
It's been pointed out (I think correctly) that *the* major source of information for blackhats is the patches themselves. The patch info tells you what it fixes, and then it's relatively easy to reverse-engineer that patch -- and then you go looking for systems that haven't applied that patch, with full knowledge of exactly what to exploit. Patches function as signposts for vulnerabilities.
Funny how after Win2K support ended, there wasn't a rash of new Win2K exploits. Same for Win98. Win95. Win3.x. And not just because "no one is using them anymore" -- as you say, why wait to attack systems *after* they've lost major marketshare?? that would be just plain stupid, since there'd be fewer targets, and the left-behind users are those LEAST likely to have anything worth stealing.