From Symantec: 

With the advent of Vista and the continued use of the Security Development Lifecycle, it is likely that Microsoft-authored code will become more difficult to exploit. As a result, attackers may turn their focus to common third-party applications that are authored by companies that have not employed the Security Development Lifecycle or other secure development practices, and, therefore, may be less secure.

I agree with this. As I said a few days ago, I believe we'll see a reduction in Vista vulnerabilities over a two-year period, but I think all software developers and vendors should start taking this security stuff seriously.