Microsoft's HoneyMonkeys project is using XP PCs with various levels of patching to search for malicious download sites. If an original unpatched XP PC is affected by malware on visiting a website, an XP SP1 machine is sent to the same site to see whether the SP1 patch fixed the vulnerability. If that fails, an SP2 machine is tried, and so on up to the most recent fully-patched version of XP. If the latest version is still vulnerable, they are presumably facing a 'zero day' exploit, worth further examination. The project confirms the importance of maintaining version currency to minimize the level of known vulnerabilities.
More change management resources