Older versions of of popular software such as Adobe (Acrobat Reader, Flash Player, Shockwave Player), Java, Windows Media Player, Web Browsers are vulnerable to exploits and should be kept updated. There are serious security issues with older versions which can increase the risk of system infection. Infections spread by malware writers and attackers exploiting unpatched security holes or vulnerabilities in older versions. Software applications are a favored target of malware writers who continue to exploit coding and design vulnerabilities with increasing aggressiveness.
The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever.
Exploit kits are a type of malicious toolkit used to exploit security holes found in software applications...for the purpose of spreading malware. These kits come with pre-written exploit code and target users running insecure or outdated software applications on their computers.
Exploit Kits - Anatomy of an exploit kit
Using unpatched and unsupported Windows systems on the Internet is a security risk to everyone as they are prone to attack from hackers, Botnets, zombie computers and malware infection. The longer malware remains on your system, the more time it has to download additional malicious files and cause further damage which in turn makes disinfection more problematic. When there are compromised computers connected connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, spammers have more platforms from which to send e-mail and more zombies are created to perpetuate the cycle. Without installing all supported service packs first, you are wide open to infection and other high security risks which are prone to an unpatched system.
Answers to common security questions - Best Practices for Safe Computing
How Malware Spreads - How did I get infected