The findings come from the Internet Storm Center, basically a tool that acts as an early warning system for internet security threats, operated under the auspices of the SANS Institute (SANS stands for SysAdmin, Audit, Network, Security.) The Institute, based in Maryland, is a leading source for information security training and certification.
The Institute calculates survival time as the average time between the reports generated for an average target IP address. "If you are assuming that most of these reports are generated by worms that attempt to propagate," it explains, "an unpatched system would be infected by such a probe."
The average time between probes will vary widely from network to network. Some users subscribe to ISPs which block ports commonly used by worms, thus lengthening "survival time". But those connected to high speed services are frequently targeted with additional scans from malware.
"If you are connected to such a network, your 'survival time' will be much smaller," it explains. "The main issue here is of course that the time to download critical patches will exceed this survival time."
The SANS Institute has published a guide for home users and small businesses setting up an XP-based system.