(no title)

Yes, those costs will ultimately be embedded in product pricing and borne by the customer, but that's good. It gives vendors a financial incentive to develop more secure software and reduce their security update costs (and earn more profit). (Nothing is perfectly secure, but a culture change and following certain practices can help. Think Microsoft pre-trustworthy computing memo and Microsoft today.)