Bug in Ubuntu Linux Causes Major Security Hole

ClayMeow - May 15, 2008 11:23AM in Bugs / Virus

A bug dating back to September 2006 has recently been discovered in Debian Linux and its derivatives, such as Ubuntu, affecting OpenSSL. OpenSSL is an important part of many websites' security. In September 2006, a Debian fix accidentally made OpenSSL's random number generation less random than intended, effectively creating mere 16-bit security keys, as opposed to 1024-4096 bits. How weak are 16-bit keys? A researcher was already able to calculate all the available keys in mere hours, meaning even novice hackers can crack the code with negligible effort. What's interesting is that the bug took over a year and a half to uncover, though who knows how long hackers have known. And people say Microsoft security is lax?
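
The effect described above, as an added example that is not part of the original post and not OpenSSL or Debian code: a toy generator whose only entropy is a 16-bit seed can emit at most 65,536 distinct keys, so a defender can enumerate them once and flag any deployed key found in that set. The names toy_keygen, build_blocklist and is_weak are hypothetical, and SHAKE-256 stands in for the real key derivation.

```python
import hashlib
import secrets

SEED_BITS = 16    # the article's figure for the effective key strength
KEY_BYTES = 128   # nominal key size: 128 bytes = 1024 bits


def toy_keygen(seed: int) -> bytes:
    """Hypothetical weak generator: the 16-bit seed is its ONLY entropy.

    The output is 1024 bits long, but it is a pure function of the seed,
    so the key length says nothing about how many keys can exist.
    """
    return hashlib.shake_256(seed.to_bytes(2, "big")).digest(KEY_BYTES)


def sound_keygen() -> bytes:
    """Contrast case: key material drawn from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def fingerprint(key: bytes) -> str:
    """Short, comparable identifier for a key (SHA-256 of the key bytes)."""
    return hashlib.sha256(key).hexdigest()


def build_blocklist() -> set:
    """Fingerprint every key the weak generator can ever produce."""
    return {fingerprint(toy_keygen(seed)) for seed in range(2 ** SEED_BITS)}


def is_weak(key: bytes, blocklist: set) -> bool:
    """Defender's check: was this key produced by the weak generator?"""
    return fingerprint(key) in blocklist


if __name__ == "__main__":
    blocklist = build_blocklist()
    print("keys the weak generator can produce:", len(blocklist))
    # Constructed sample inputs: one key from each generator.
    print("weak-generator key flagged:", is_weak(toy_keygen(31337), blocklist))
    print("CSPRNG key flagged:", is_weak(sound_keygen(), blocklist))
```

Building the full set takes well under a second here, which is why auditing deployed keys against a list of known-weak fingerprints and regenerating any that match is the practical cleanup for this class of bug.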