On Friday night May 12th, security researcher Tavis Ormandy of Google’s Project Zero announced on Twitter that he had found a Windows bug. Well, not just any bug. It was “crazy bad,” Ormandy wrote. “The worst Windows remote code exec in recent memory.” By Monday night, Microsoft had released an emergency patch, along with details of what the vulnerability entailed. And yes, it was every bit as scary as advertised.