Remember the widespread mass-mailer attacks of years ago? Those attacks are still out there and will be for a long time, but I doubt theyre infecting many new systems these days. And the mass network worm attacks like Sasser and Blaster are still in the background, but patched long ago, and no new vulnerabilities have emerged for a long time to allow such attacks.
In the meantime, defenses have shored up, especially in business. Effective network-level protection is cheap compared to the risks of not using it. Even a simple NAT box blocks a huge percentage of threats.
The pattern we began to see emerging in 2006 was the narrow, targeted attack. The old style of mass-bombardment of attacks appears to be a thing of the past. Its been over a year since we had a major Windows attack, Zotob if I remember correctly, and even that was not an all-timer. Even though it got a lot of ink, I still dont consider the WMF bug of a year ago to have been a major attack.
Zotob used the MS05-039 Plug-and-Play buffer overflow vulnerability to spread. There have been Windows vulnerabilities since then, but no widespread attacks based on them.
Instead a new pattern has emerged: Shortly after the monthly patch day, new zero-day attacks are discovered. Not widespread attacks, but narrowly targeted attacks against specific enterprises. A blog entry from Microsofts Security Response Center says that in the cases where they say that theyre aware of "very limited, targeted attacks," they are talking about a few, perhaps as few as one or two.