Vulnerabilities are not Threats
Symantec recently published their 2011 Threat report. I always find this an interesting read and a worthwhile read. But I have a pet peeve with a common mis-classification of vulnerabilities as threats. These two items are distinct, but related items: threats will often exploit vulnerabilities to achieve their goal. While related, vulnerabilities are not threats and mixing the two confuses the conversation.
Symantec is not oblivious to this fact as they carefully keep this distinction in mind when writing this report. In sections referring to vulnerabilities, they do not mix the