"I think they're doing a better job. They've got the processes in place to better manage their software development in line with security," says Paul Henry, forensic and security analyst at Lumension. "They really have put a great deal of effort into this, and if you look at the longer-term trend, I think they're really starting to bear some fruit from it."

However, although Kandek acknowledged that the critical patch is the most severe Microsoft has seen this year, he believes it will ultimately amount to little more than a bump in the road in Microsoft's pursuit of widespread security advances. Especially given that RDP is "relatively old software," Kandek believes that the threat does not accurately reflect Microsoft's recent security work.

"We see that every once in a while one of the available network services has a weakness that can be used by an attacker," he says. "It's older software that was developed and designed before security was really focused on by Microsoft, so it's not too surprising that this happened."

Above all else, Kandek believes the sudden emergence of a severe vulnerability for an outdated Microsoft product is a sign that customers will need to upgrade in order to reap the benefits of the vendor's work in security.

"The newest version is the NLA protocol, and that is actually working, it does not have the vulnerability," Kandek says. "So that's the positive side effect there. It just illustrates that the more legacy things we use, the more exposures will be found in the software."