The security hole was discovered in May by IBM researchers, who then teamed up with Microsoft to fix it before publicly releasing its existence, BBC News reported Wednesday. The Windows bug, dubbed WinShock, could be used to remotely run code on a computer if the user views a malicious webpage via Internet Explorer. Once a machine would be infected, the attacker could control it remotely.

The flaw affected every version of Microsoft's desktop OS since Windows 95.

Freeman said. "I have no doubt that it would have fetched six figures on the gray market."

19 years sounds like a ridiculously long time.