While it's sometimes fun and informative to go crunching the numbers of security vulnerabilities, I much prefer to spend my time making sure that my systems are as secure as possible, and that means making sure that as many possible stepping stones across my digital moat are removed and cracks in the digital castle's walls fixed - what I'm interested in is keeping the marauders out of my digital kingdom.
No matter whether the OS is Windows, Mac or Linux, you can't escape the fact that you're going to have to spend some time caring and feeding your system - and anything that makes that process easier is welcomed by me!
An application that goes a long way to help people like us keep on top of the constant firehose of updates and patches is Secunia PSI. This program (which is free for personal use) constantly monitors your system for insecure software applications, and will even let you know if you install an insecure application. Best of all, it will even supply you with detailed instructions for updating many vulnerable application it comes across.
Patching isn't always easy, and the more applications that you have installed, the bigger hassle it becomes. This is why I always suggest that you have the minimum number of applications installed on a system - just the stuff that you need. The more you add, the bigger the patch load becomes and the more likely it is that you won't apply patches.
But what do you do when things get out of hand? This is where I find that nuking the entire install and reloading (hopefully from an image that's not too cluttered up with detritus). Whenever you reload from an image there's always going to be a certain level of patching that will have to be done, but hopefully things won't be anywhere near as bad.