It was Adobe’s policy to only fix bugs if they get discovered.

It is really that simple. They refused to fix it internally before somebody would find the bugs.

There really isn’t more to add except if I’d search for a link, but I won’t do that.