Two things - neither of them comforting
First, if you don't think the NSA and other intelligence agencies don't have similar code to backdoor any and every OS, you're naive. They've gone well beyond the days wheen they had to collaborate with Cisco to install a backdoor.
Second, once the attack is found, anybody can use it. I assume China released it (probably after using it for a time) because they have their own version that will not trip the antivirus patterns that are now being written.
Biting the hand that feeds IT
