Let me point everyone to this incredible timeline: a major security hole was fixed in Mozilla within 36 hours.
Before the vulnerability was known to the public for 24 hours, Mozilla had released updated versions of its poducts and patches for users running previous versionsThis is the kind of response that most companies could only dream about, and here we are talking about a distributed, largely volunteer enterprise. This is worth benchmarking against.
...
In the course of less than a day and a half of public vulnerability, all Mozilla versions were updated, a security note was released, and new downloaders were secure by default
