Right, the article makes it seem that the attackers have the advantage in that they can try to attack everything at once, but the defenders have the advantage in that they each need to defend only one product.

But it is true that if attackers more easily find holes in software that's hard to patch (embedded), that's a problem.