The vulnerabilities don't pop into existence when some vulnerability researcher finally goes public about it and/or manages to convince MS to acknowledge+fix, but if you look at the vulnerability's actual existence timeline it's not that great a comfort.
But yes they've been cajoled to improve their reactitivity. Their customers have very high tolerance of security flaws still, partly due to self-selection.
But yes they've been cajoled to improve their reactitivity. Their customers have very high tolerance of security flaws still, partly due to self-selection.