This is what I meant. To me it's like you have the blueprints for the bank/mansion you want to break into. So they will just look for the doors in the source.
Russian (and now Chinese) hackers are known to be particularly clever.
However, in this case, I think the entire exploit was relying on user laissez-faire and was rather straightforward, from what little I've read.
Regardless of market vetting by any camp, over-trust by users will probably always be the most-used infection vector for any OS, in my opinion.
People often flame me for what I'm about to say, and that's a don't-care for me:
I note that the report on this exploit was given by a anti-virus/malware vendor.
I've noted over the years that the anti-virus/malware vendors seem particularly adept at fixing viruses almost as soon as they're released into the wild - and the more vendors for that sort of thing there are, the more viruses seem to crop up.
People tell me there's no one hiding under my bed and that I have cause and effect wrong.
And I just follow the money.
On this, I'm probably completely wrong. I often am.
In this case, the exploit did accompany a profit motive for the black hats.