That is the main problem with closed source software; in the event of a security hole, you as a customer / company are left to the mercy / arrogance of your software vendor to patch the flaw. Until he does, you can do nothing but become increasingly concerned, since you're left to the increasing danger of having your machine compromised in the meantime. This might be the right time to educate people about the main merit of open source software: As soon as a security hole is discovered, virtually anyone can contribute to a timely resolution. 0day? Fixed tomorrow!