The only thing that was AFAIK grossly mis-handled was the password list leak. He should have set the confirmation/claim process into working *before* someone hacked into accounts and distorted the market.
He also ignored attempts to report the nasty CSRF, that came to light right before that all went down, for about a week. But, I digress.
I have no plans to "nail him to the wall" for every mistake. In fact, I will probably not be looking at mtgox at all after the next 72 hours.
And to clear things up, this is a little more than just a display bug. This is also the cause of the weirdness people have been reporting about it dropping from 17->15 etc without executing orders in-between.
Edit: btw why not change the name of this topic now that it turned out not to be a "trade matching bug" at all?
It
is a trade matching bug. Trades are not revalidated on withdrawal/deposit to the account. I never claimed it was an exploit. "Exploiting" in the original text is the normal english use of the word, not the info-sec use. So no, I will not change the title.