We spend a lot of time touting Vista's security benefits, and now here's some real-world proof: Microsoft recently confirmed a browser exploit that's specific to Windows XP and Internet Explorer 6 and 7.

Here's the crucial bit of data, as reported by Computerworld:

Users running IE6 or IE7 on Windows XP and Windows Server 2003 are vulnerable to the drive-bys attacks, Microsoft said. Vista and Server 2008 are not at risk, however, nor are people running IE8, Microsoft's newest browser.

Reports like this make all the more baffling recent surveys suggesting that IT departments are sticking with Windows XP and have no immediate plans to upgrade their operating systems.

If nothing else, it's in every enterprise's best interests to upgrade to Internet Explorer 8, which, in addition to being more resistant to ActiveX exploits, offers greater protections against malware and phishing.

And yet we're forced to wonder: Why, oh why, have so many organizations elected to remain with less-secure operating systems and browsers? Doesn't it cost more to deal with security breaches after the fact than it does to deploy newer, safer software? Share your thoughts in the comments.

Follow Simplify PC Solutions on Twitter!