Microsoft has expended a massive amount of time, energy and money in the last few years to improve both the quality of its software and the speed and efficiency of its security response process. But, as the company s response to the privately disclosed MsVidCtl ActiveX vulnerability in Internet Explorer shows, Microsoft still has some ground to cover on the issue of timely response. Microsoft has turned patches around in as little as a few weeks in cases where there were critical flaws that were under attack in the wild.
Source: https://threatpost.com/microsoft-response-msvidctl-flaw-was-lacking-071409/72902/