It's Patch Tuesday again, and I have downloaded the updates. I've been thinking about the history of Windows/Microsoft updates. (a quick search didn't give me the answers I was looking for) How does it usually work ? Are there exploits in the wild, being abused, and reported to Microsoft, which then comes up with a patch ? Or is it also the case that Microsoft and security software companies do their own research, and discover vulnerabilities on their own ?