Yea, the bug we are talking about is of course not a real “bug”. But imagine a security exploit lives for that long in the Windows Kernel and for the past 17 years and everybody are ignore till just recently
a Google engineer recently discovered a vulnerability in Microsoft’s 32-bit Windows kernel that had been around since 1993.
But wait yea it just another bug not a big deal
True, if you are into software industry you will soon realize that nothing is 100% perfect. EVERY software company is shipping their product with bugs, this is a fact which is inevitable. All software engineering can do is try to make it as nearly close to the goal as possible. In another words, there is no such thing called perfect code, unless it’s something fairly trivia.
This is why there is always patches after patches, and security updates comes with a software. A very good example is the IE6 security vulnerability which Google was being attacked from and Microsoft has just released an update specially targeting for this issue.
So back to topic what would happen to me if this lived bug didn’t get spotted ?
According to Microsoft advisory
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
ah! sounds pretty scary ? but don’t worry just like what happen to the IE vulnerability this will be patched with an fix also, hopefully soon 
source via [gizmodo] via [computerworld]
