Threat actors generally have the most success exploiting known vulnerabilities within the first year or two of their disclosure. Their value gradually decreases as the associated software is upgraded and patched. Safe automated patching reduces the effectiveness of known exploitable vulnerabilities, decreases the pace of threat actor operations and forces adversaries to pursue more costly and time-consuming methods, such as zero-day exploit development. Establishing an automated patching process - across all endpoints - is table stakes for a good security posture. Your endpoint defense, such as EDR, should be your last line of defense against unpatched vulnerabilities. An EDR should be capable of detecting and preventing an exploit attempt.