Microsoft's security patching of WIndows has not always been proactive, it has often been reactive with patches being issued after a vulnerability has been discovered and reported by independent researchers. It's not uncommon for active exploits to be reported before a patch is released.
While there undoubtedly will be new exploits which will not be patched in the OS, it's worth keeping in mind that the vulnerabilities that these exploits will be taking advantage of already exist in the OS. They may have been there since XP was released, or at the very least since the last Service Pack. In that regard, since XP will not be changing, there will not be any new vulnerabilities - only new exploits of already existing vulnerabilities which have not yet been discovered or taken advantage of by malevolent hackers. So we have effectively been living with many of these weak spots in the OS for years.
To what extent counter-measures such as EMET or "Automatic Exploit Prevention" will safe-guard against any such new attacks remains to be seen. Also, to the degree that past experience may be an indicator of future expectations, we may get some glimpse into what to expect with XP from the history of earlier versions of Windows after MS support ended for them (e.g. - Win2K, Win95, Win98, etc.) Was there an epidemic of compromised systems? The horizon may be darkening for XP users but the sky may not be falling.