Basically, almost all of the corporate, law firm, and some medical services, plus many government (US, state, and local) - e-mail messages within the USA - are now being read by state hackers.
It is a major achievement for such international states’ intel gathering.
Other vulnerabilities have been much worse IMHO.
Tons of them in the past have permitted or facilitated code injection.
And who knows what can be injected, such as something like Stuxnet V.37
Exactly. It must be tough being a foreign agent in the US. How do you justify your existence? Tech savvy agents back home can exploit holes in Windows any day of the week and gather more information than you would in a lifetime.