Software vendors such as Adobe, Microsoft, Oracle and others produce frequent security patches that plug holes that can be exploited by bad actors.
If you don't install these patches on a regular basis on your hosts, desktops, laptops and phones your infrastructure will be at risk and will eventually be compromised.
CVE Details is a good place to keep up on the patches. They consolidate vulnerability data from the National Vulnerability Database ( NVD ) and www.exploit-db.com . Another great site is Mitre's CVE site here .
Here are 2 examples to give you some perspective on how many vulnerabilities a software can contain:
Here is a simple chart that shows how many vulnerabilities have been published over the years in the Windows 7 Operating System:
Windows 7 Vulnerabilities By Year
...as you can see, there are many ways to be exploited if you don't keep your software up to date!
NetWatcher will warn you about outdated Java and Flash software with the following Alarms: "Outdated/Vulnerable Java Version" and "Outdated/Vulnerable Flash Version".