[imron]

After Snowden, the Obama administration made a commitment to the tech community that it would not hoard security vulnerabilities, and would instead pass them on to vendors to fix.

This release shows that they did not honour that commitment.

[justaman]

A government would only ever disclose a vulnerability once it has a better one to replace it. The government needs a method to counteract an attack from another source(thats their reasoning).

[imron]

Not necessarily. The reasoning should surely be that if we can discover it and use it against them, then they can discover it and use it against us, therefore we should notify the vendors and have the vulnerability removed.