Despite Oracle Java being ranked among the highest risk vulnerabilities, a startling 72% of Java users are not bothering to update their software to the latest and safest versions.

The results of a new study from Kaspersky Lab, which surveyed 11 million Windows users during the 2012 calendar year, lays out disturbing statistics: 806 unique vulnerabilities were discovered in the survey period. But the "good" news is that only 37 of those security gaps were considered to be truly widespread and dangerous.

Don't get too optimistic, though: those 37 vulnerabilities accounted for over 70% of all detected vulnerable software last year.