Brett_Tabke - 12:27 pm on Jun 11, 2010 (gmt 0)

the issue was reported June 5th, 2010 (a Saturday) and then made public less than four days later. “Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk,” he said, stressing that the workaround suggested by Ormandy is inadequate.

It is one thing when someone in the general public does this, but when it is Google - that is fairly bad practice. They usually give them 30 days to fix it. With Google prepping a desktop Operating System, it would be wise to remember that old saying, "what goes around - comes around".