Which way to jump?
It has been a while since I was told this, so perhaps things have changed. My understanding is that Microsoft rates the severity of flaws and creates patches for them based on their risk and not the risk to their customers. Such an approach might be used to explain behavior of this sort given that any patch has risk associated with it and this particular flaw wasn't causing that much trouble in the wild, at least not to MS directly.