Recently there were a WMF (Windows Meta File) security vulnerability in Windows.
It caught alot of attention, and third-party patches started appearing. And Microsoft had to release a patch for it earlier than planned.
Supposedly you get infected by just visiting a website and a image loads which contains executable code.
Steve Gibson of GRC, a well-known media whore and PR marketing and self-proclaimed security expert claims that it was not a bug, but an backdoor.
See following links:
* http://www.grc.com/x/news.exe?cmd=article&...back&item=60006
* http://www.grc.com/sn/SN-022.htm
Some interesting read.
He says that there is no way it could have been a bug or bad code. He says it must have been an intentionally placed code to work as a backdoor. He also claims MS was aware of this due to the code must have been checked when there was earlier bugs in the code (2 bugs). So it must have been spotted.