“Hackers exploit security vulnerabilities in software for 10 months on average before details of the holes surface in public, according to a new study.
Researchers from Symantec reckon that these zero-day attacks, so called because they are launched well before vendors are even aware of the vulnerabilities, are more prevalent and more potent than previously thought.”
Source:Hackers get 10 MONTHS to pwn victims with 0-days before world+dog finds out • The Register