The less-than-humorous aphorism of the IT industry is that the final user is the beta test site. Unfortunately, that has been very trueand still is.
Some vendors have been less than diligent when coding their products, and correct the problems after the fact. Once bugs in their code are foundmost often by usersmanufacturers and vendors then create an advisory and provide patches for the found bugs. Most times, these code flaws are merely inconveniences to users. But sometimes they're far worse, allowing an unauthorized person to execute arbitrary code to gain access to a system or damage it using a code flaw known as a buffer overrun or buffer overflow. (Among the hacking community it's called smashing the stack.)