Recently a vulnerability was uncovered related to WMF files on Windows OS's.  This vulnerability has yet to have a functional workaround or patch from Microsoft.  The security community has taken it upon theeselves to issue a workaround that alleviates the issue.  This is a good sign that the community is willing to spend effort to protect Microsoft's customers at no value to themselves except credibility.

Various credible companies and groups have supported this code development level workaround.  This is better then Microsoft's response which has included a workaround which breaks functionality and a couple of useless blog postings. 

It seems that Microsoft has taken the CYA (cover your a--) path - contacting law enforcement and publishing a bulletin, but not actually protecting their users.  WTF?  Isn't that out of order in the list of priorities?

I have submitted a plea to Microsoft to work with the security community to provide and approve such workarounds.  Clearly they don't have the manpower or time to devote to this problem as lots of people are being attacked due to this vulnerability.  So the next best thing for Microsoft to do is accept the community based efforts and support them.

This clearly isn't about open source or providing free protection services, its all about protecting the customers.  Microsoft consistently has placed its company above the customer during these security issues.  It is a disgusting trend that has had impact on lots of their customers.  I hope their customers vote with their wallets.