Microsoft broke a variety of records in 2010 when it comes to identifying and patching software vulnerabilities. Some will debate that it is a function of sloppy development and poor attention to detail, while others suggest that Microsoft has simply become much more effective at finding flaws and vulnerabilities, and much more responsive about dealing with them.

Microsoft set a few monthly high marks for the number of security bulletins , and compiled a formidable total of security bulletins for the year. Symantec's Egan says, "Related to the number of security bulletins released is the number of individual vulnerabilities fixed by Microsoft in 2010, which was nearly 100 more than what they discovered and corrected last year. By our count, the 2010 tally is 261; last year, the company patched 170 vulnerabilities."

Web Attack Toolkits

The rise of automation techniques such as Web attack toolkits continued at a dramatic pace throughout 2010. These kits lower the bar in terms of programming skill for would-be attackers--enabling even coding novices to quickly exploit new vulnerabilities, and develop sophisticated malware attacks.

Andrew Brandt, lead threat research analyst at , states, "It was a big year for customizable, highly configurable, and very slick-looking exploit kits. Exploit kits are sold to malware distributors, and can instantly turn a Web server into a drive-by download site."