Since Up to 85 % of all virus infections occur as a result of drive-by attacks automated via commercial exploit kits, CSIS has actively collected real time data from them for a period of three months. The purpose of their study is to reveal precisely how Microsoft Windows machines are infected with malware and which browsers, versions of Windows and third party software that are at risk. They monitored more than 50 different exploit kits on 44 unique servers / IP addresses. The statistical material covers all in all more than half a million user exposures out of which as many as 31.3 % were infected with the virus/malware due to missing security updates.

http://tech.slashdot.org/story/11/10...d-with-malware