They pretty much have. Sometimes people make mistakes that lead to vulnerabilities like this. It will be patched soon, then forgotten, and life will return to normal for everyone using IIS. We'll still run http in the kernel for performance purposes and everyone will conclude that no damage was really done. People will still use the same tech.. this vulnerability is not game changing and it'll be business as normal.

Lets not play the "my team is better than your team" hysterics, especially when we all had to do emergency patching for shellshock, heartbleed, samba, etc in the past couple months. Hell, sambra runs as root too.

There's a lot of security stupidity out there. I'm still waiting for a unixy OS to be written in something like Rust.

I know. Linux fan boys have the most intense selection bias. Check LWN to see this weeks distro security updates... somehow that doesn't count.

I'm with you on the rust kernel thing. All big piles of c code have the same problems.