Great attitude guys!
So with all the flack that MS got from Oracle regarding security (including Oracle's Unbreakable campaign about 6 years ago), I think it's totally outrageous that Oracle's answer to fixing a security flaw is 'Yes we have resolved the problem, but we're not releasing the fix until next year.' - yeah, that's the way to win confidence in your customers lads!
So whilst admins are waiting for the fix, they will have plenty of anxious moments wondering if they are at risk from this bug.
At least MS has gotten their act together and release security patches often. Even if they do still get negative opinions about their software, at least they have listened to customer needs regarding software security.