What's happening: All software has vulnerabilities; weaknesses that cybercriminals exploit to break into computers. As software developers find these vulnerabilities, they release fixes for them.
What it means: An unpatched system is the devil's playground. Cybercriminals gain access to computers by exploiting vulnerabilities in unpatched computers. Standard antivirus/antispyware protection may be ineffective against attacks.
What to do: Management must make sure IT staff is diligently patching computers, not just Windows but all the software on the computer. Home computers also need to be patched. Consider replacing antivirus/antimalware with intrusion newer detection and prevention.
**********************************
Brian Krebs; Washington Post: Microsoft today pushed out software updates to plug at least eight critical security holes in computers powered by its various Windows operating systems. The patches are available through Windows Update or via Automatic Updates. ... The flaws were addressed in a bundle of five patches, each of which earned Microsoft's most dire "critical" rating, meaning they are serious enough that attackers could break into systems without any help from users.
http://voices.washingtonpost.com/securityfix/