Now, I am not a security expert, but I do not understand how they can delay a security patch of this nature just so that it can be part of a bundle of patches… this is showing a total lack of consideration for people’s computers and businesses’ data. I like OpenSource software but I’m not usually the first one to fire shots at MS. But on this one, I have to admit this shows something else.
If Microsoft were a firm making any other products — let say baby milk — and they learned that their milk under certain conditions could be harmful to the babies drinking it, they would have been compelled then to callback all the milk boxes and pay back their customers. Otherwise you would get a scandal like it happened last year in China and everyone would be shocked (as everyone was when that happened).People would have expected such an action and if not, they would have been attackable in front of a court of law.
Now, I am not saying that they should pay back everyone for a software that should not really be used anymore anyway*, but they should have had the profesionalism and the respect for their customers to release a security patch at the time — not even waiting for a patch tuesday — but on the day it was patched. I cannot really fathom to imagine what possible explanation they have for this, so if anyone knows, I’d like to hear it.Exposing everyone else for the fun of it just does not cut it.
*:although it has been discovered since then that this may also affect IE7/8 which makes it even less commandable.