Yeah, this is actually addressed in the further paragraphs:
>Raiu went on to say the reliance on the highly unusual vulnerability is one of the things underscoring Duqu developers' extraordinary talent and the plentiful number of additional unpatched security bugs with the same unusual capabilities they likely have at their disposal.
>"These guys are so confident to develop their entire platform based on this zero day it means if they get caught and this zero day is patched they probably have another one they can use, which I would say is a pretty scary thought," he said. "Nobody develops an entire malware platform based on just one simple assumption that this zero day will work forever, because eventually it will be discovered and patched. And when it is patched your malware is not going to work anymore. I think that's also very scary and quite impressive."
Still the attackers' resources are not unlimited - they lost some development time, and maybe some unique opportunities which were possible only with this particular zero-day.
>Raiu went on to say the reliance on the highly unusual vulnerability is one of the things underscoring Duqu developers' extraordinary talent and the plentiful number of additional unpatched security bugs with the same unusual capabilities they likely have at their disposal.
>"These guys are so confident to develop their entire platform based on this zero day it means if they get caught and this zero day is patched they probably have another one they can use, which I would say is a pretty scary thought," he said. "Nobody develops an entire malware platform based on just one simple assumption that this zero day will work forever, because eventually it will be discovered and patched. And when it is patched your malware is not going to work anymore. I think that's also very scary and quite impressive."
Still the attackers' resources are not unlimited - they lost some development time, and maybe some unique opportunities which were possible only with this particular zero-day.