Microsoft has unequivocally condemned the release of zero-day vulnerabilities, calling it "never justifiable", as a researcher publicly disclosed multiple unpatched flaws in Microsoft products, complete with working proof-of-concept code on GitHub. The disclosure has effectively handed attackers and defenders alike a roadmap to these vulnerabilities, putting immense pressure on organizations to assess their exposure and apply patches as soon as they become available. The researcher's decision to publish functional exploit code has significantly reduced the window for patching, leaving many at risk. Microsoft's stance on zero-day releases emphasizes the need for responsible disclosure to prevent widespread exploitation [1]. The immediate availability of exploit code on a Microsoft-owned platform underscores the urgency of the situation, making it crucial for security teams to evaluate their vulnerability posture without delay. The incident highlights the cat-and-mouse game between vulnerability researchers, vendors, and attackers; what matters most to practitioners is the ability to respond swiftly to emerging threats.