Their group had addressed the vulnerability within times, he stated, attributing it up to a “bad code push”.