Are many security holes going unexploited?
Wired is running an interesting article on security holes, why so many are found, and why we hear so little about the fallout from each. Though new security holes seem to appear almost weekly, it appears that few are ever exploited:
Some security experts suggest that malicious code attacks do happen but are dismissed by most users as just another wonky Windows software crash. But those same experts also cheerfully confess that most exploits aren't all that exploitable, and that the security industry profits by stirring up fear and frenzy.
Are security experts just trying to drum up business, or are malicious hackers a little behind the curve? Perhaps the majority of security holes aren't worth hacking to begin with.
Regardless of the reasons why, it's comforting to know that if I don't manage to install the latest security patch right instantly, I'll probably be OK, for a little while at least.