Aside from honey pots, there are also honey nets (Google "honey nets" or the name Lance Spitzner, who is very much involved). He’s got some good books out on the subject.
Microsoft (and maybe other groups as well) has what is called a “Honey Monkey” project. Similar in objective to a honey pot, it is proactive: there are a number of computers running different versions (updates and such) of supported operating systems and browsers (Win 2000, Win XP, Vista, etc.) and possibly other applications. These systems go out and search many web sites, looking to get compromised. If you start with XP, service pack 2 for example, and the system gets compromised, then the URL that did the damage is referred to a more recently patched version of the O/S or browser. If it still gets compromised when they’re up to the latest version of everything, then they’ve found a Zero-Day exploit – and they can start work on a patch before the bad guys are aware that they know about it. The reason for this is that with the increase in organized crime (and others) trying to compromise PCs, many of the folks who discover a vulnerability do NOT want to share or publicize it – they want to keep it for themselves for their own use.
As for vulnerabilities for which patches are known and available – why aren’t they patched immediately?
The answer is not as simple as it might seem – but here are some major factors.
Lazy and/or ignorant system administrators
Overworked system administrators
Management which does not make this a priority
Personal Computer owners who are lazy or ignorant
Personal Computer owners who are fearful of applying ANY change
Anyone who is not aware that applications as well as operating systems need patching due to vulnerabilities
For most people and most systems, the Microsoft automatic Windows Update is adequate. There is also Office Update. The official “new” standard is “Microsoft Update” but this has been plagued with several problems – not going into those.
To do a little “myth busting” here, the hackers are mostly NOT 10 steps ahead. There are some very skilled individuals out there, but most of the hackers are taking advantage of vulnerabilities for which patches have long been available. I recommend that you read some of Ira Winkler’s books on the subject. He has some strong opinions (with which I agree), but he presents his material well and is a known authority on the subject.
Does this answer your question?
Unknown threats in any computer system or network are indeed unseen and unknown to us because they are program code running within the computer or operating system. The best way to know about unknown threats is to scan your computer system in full system scan mode to make sure that all areas are scanned carefully. Make sure that you use the latest, updated antivirus software before doing it.