US has the most to
lose, not gain, by not fixing vulnerabilities as soon as possible, since most of the "Internet" happens in US and through US companies. But the administration has been negatively influenced by intelligence/cyberoffense advisers ("Yes, Minister" [1] style) in thinking that the Internet is a war zone, and
must be controlled by the military - rather than a platform for commerce and many other things, from which US stands to gain (or lose) the most.
I highly recommend Schneier's latest talk on this. He makes it more clear why NSA is so wrong in thinking the way they do about vulnerabilities:
https://www.youtube.com/watch?v=3v9t_IoOgyI
[1] - https://en.wikipedia.org/wiki/Yes_Minister
