At least you weren't working at the Microsoft Security Response Center.

FORBES: Magazine Article

On its Security Response Center blog Microsoft said it had been notified about the flaw in December 2006 and had been working on a fix since then.

BBC: NEWS | Technology | Quick fix for Windows cursor flaw

"Four days is typically not enough to complete the initial investigation of the vulnerability and thoroughly test a comprehensive update, " said Mike Reavey, director of Microsoft's security response center.

WSJ: Computer Experts Face Backlash

"Our investigation has shown that there are no new or unknown vulnerabilities being exploited, " he wrote in a statement on the Microsoft Security Response Center's Web site on April 25.

FORBES: Google-Hacking Goes To China

In response, the Center for Security Policy has established the National Security and New Media Journalism Project.

CENTERFORSECURITYPOLICY: Balancing National Defense Interests and Press Freedom