1. habrahabr.ru is not a "underground forum", but very known Russian IT-related site.
2. The vulnerability was not "first surfaced on a Russian underground forum three months ago". It was posted to the Habrahabr at the late night 13 Nov (23:49).
3. "Three months" is the time, how long Skype/Microsoft know about this vulnerability.
Cite from original (http://habrahabr.ru/post/158545/ , Russian), just the very 1st sentence from article:
"Месяца три назад я писал об этой критической уязвимости в skype support, но она до сих пор не исправлена."
"About three months ago I reported this critical vulnerability to skype support, bit it isn't fixed even now."