Here is huge reason why patching systems in your organization is so crucial:
The above site is selling code that exploits the MS15-034 security hole – this vulnerability allows remote code execution through an IIS security hole in Windows Server 2008 and 2012. The patch for MS15-034 was published less than a week ago. If there’s any case to be made for immediately patching your systems, this one is pretty clear.