by bitexploder 3357 days ago
Undisclosed "1-day" is real and has gone on forever. A popular set of tools is binary diff tools such as the now-defunct Zynamics, acquired by Google. There is evidence. The amount of tooling around examining MS patches should convince most.

http://www.blackhat.com/presentations/bh-usa-09/OH/BHUSA09-O...

http://www.phreedom.org/presentations/reverse-engineering-an...

People built businesses around this.

With so many eyeballs on release diffs, undisclosed vulnerabilities were often discovered (and still are). With the number of experts on file observing this, it should not be controversial at all.

1 comments

Totally agree with you on this.

I was responding to the Quora link (where the question was "is there any evidence for backdoors in Windows or other client software for the NSA/CIA?")

Got it. Quora post is suspicious. That said, Windows is a lot of machine code. It is more than plausible. NSA is known to have an active relationship with Microsoft.

If 9/11 == inside job is, say, 2/10 plausible, this Quora speculation is like 7/10 plausible IMO.