Yet another failure of responsible disclosure

Here's a ZDNet post about crackers extracting details from Microsoft's own security advisories and using them to exploit systems that had not yet been patched. Examples like this highlight a principle that Microsoft and the rest of the so-called "responsible disclosure" camp don't seem to understand: you cannot stop the bad guys from finding out about vulnerabilities, so withholding details from defenders does not keep them from attackers.

Vendors of vulnerable products should:

  1. Inform everyone affected by the vulnerability immediately; detail any known workarounds or mitigations.
  2. Fix the vulnerability quickly.
  3. Work on preventing the product from becoming vulnerable in the future.

Users of all products should:

  1. Assume their systems are vulnerable.
  2. Monitor for suspicious activity.
  3. Have a plan for recovery of compromised systems.

Anything less is irresponsible.