How long before MS deals with these issues?
I found this link to eEye's Upcoming Advisories on Full Disclosure. This highlights the issue of patch mechanisms and releasing info on known exploits. Certainly the present patch system isn't working (and MS' particular method of announcing a week beforehand that a patch will be released strikes me as nothing more than marketing).
To me, there are two issues here: disclosure of known problems and the patch process. I personally believe in full disclosure (the concept) as it makes admins more aware of problems and should, for the most part, help them pay attention to risks. The second issue is one that I truly don't know what the answer is other than perhaps expanding MS patch team. Evidentally, they do not have enough power if it takes more than 3 months (6 months for the most recent ASN vuln) for them to put out solutions to help secure/fix systems.
Maybe it's just me.