Fair argument, though if that were the case, ALL Windows machines not running CS would be severely infected right now, which isn't the case. In an event that you're rightly thinking of, the headline would have been "All Windows user data stolen during massive global cyberattack." That CS failed to run exactly when it was supposed to, would be a secondary story of a limited (about 8 million) number of machines.

Additionally, Microsoft made the decision themselves to only use 2 of the 4 protection rings in the x86 architecture. Nobody forced them. It was their decision, just like allowing CS to operate at ring 0, at the kernel level in order to have access to everything. This should have been a ring 2 operation, not ring 0.

I honestly don't think there was an imminent cyber-attack that forced CS' hand to push another update quickly. They just wanted to, and Microsoft allowed it while knowing very well just how risky it is running anything at kernel level.