"Microsoft would have been perfectly content not to have to issue a patch for the WMF [Windows Metafile] bug," Pescatore said, "if news about it hadn't been made public." But then the exploit, which was found by hackers, not legitimate researchers, could have attacked users that much longer.
"The pressure has to be on the vendors to make their software better," Pescatore said. "If we all shut up about vulnerabilities, yes, a lot these attacks wouldn't happen. But when one did, it would be ten times worse because we wouldn't be prepared."
And he discounted the idea that security firms had ulterior motives when they posted alerts on Mac OS X bugs and worms.
"Sure, security companies would love to sell anti-virus to every Mac user. But with Macs accounting for just 5 percent of corporate desktops, and half of those already covered by AV, it's not that big of a market for security vendors to stir things up."