Number of vulnerabilities in software commonly found on PCs shot up by 71 percent between 2009 and 2010. Main contributor is not vulnerabilities in Microsoft products but vulnerabilities in third-party products. Third-party programs are also much harder to patch due to a lack of a unifying patch mechanism. Patching is often regarded as a secondary security measure by non-security staff. Despite being the weakest point in modern IT systems, the main challenge is to educate users and IT administrators to prioritise the deployment of security updates.”]
Source: https://www.csoonline.com/article/2134558/third-party-apps–bad-news-for-security.html