Re: Oops!
Do you believe most of these bugs are found looking at the code? Vulnerability researches have a plethora of other methods to find vulnerable code, even in non open source one (but there are people outside Microsoft who have access to Windows code - just you need to be eligible for that). The only real drawback is you have to wait for a fix - you can't fix it yourself (if you're able to do it properly).
And these bugs have been in OpenSSL for years and years, until Heartbleed opened the worms can...