This week brought us the rare double rainbow of a re-emergence of the disclosure discussion and major security news from Microsoft, all wrapped into one. It truly was a gift from Mother Nature. But Microsoft’s decision to change its disclosure stance–and refusal to pay bug bounties–wasn’t the only big news. The Stuxnet saga continued to widen and weirden, a major privacy leak cropped up in Safari and the roots of the mass SQL injection attacks were exposed. What does it all mean? Read on for the full week in review.