Exploit over 6 months old still un patched

[Lead Head]

..and now it has been published and circulating through the internet

October 10, 2008 (Computerworld)  Microsoft Corp. yesterday acknowledged that exploit code is circulating for a vulnerability it reported six months ago, but it has yet to patch.

Source Here

I don't understand why microsoft does this, they seem to have no problem finding bugs, but they don't patch them until they really start to get serious, like when the actual exploit gets published.

[davidnix71]

The clickjack multi-browser exploit involving Adobe Flash is still unpatched and they sort of gave away what it involves.
The published workaround is to ALWAYS refuse to allow Flash to use your microphone or camera.

Get it here:

http://www.adobe.com/support/security/advisories/apsa08-08.html