So building your FreePBX system and then never touching it again in regards to updates is a poor way to manage your system. Just ask these 1200 companies that didn’t roll out a security patch from a year ago.
Now what interests me on this is where these Distro/PBXact based systems or just standalone FreePBX installs. Because I’ve said it before and I’ll say it again, the non-Distro release of FreePBX lacks serious security as it has no real default firewall. That is something that should be addressed.