micro-weenie has a great excuse not to patch a 'defined and known' problem...
"A security researcher has downplayed the significance of publicly released attack code exploiting a critical vulnerability in newer versions of Windows, saying it isn't reliable enough to force Microsoft to issue an emergency patch."
So, if it is a defined security problem that only works (let's say for arguments sake) 10% of the time...
In 5 days time at just a 10% success rate, how many computers can be affected??
with 1,000,000 computers as a theoretical number, that would be 100,000. Not an impossible number in 5 days.
Wonder why I don't use whine-doze