without digging into the full details of how the determinism stuff interplays with the protocol stack, their solution actually might have worked out ok if they had generated a second hash to fill the last 9 bits.
if they had happened to write this implementation just a month or two later, they could've written it to use CryptGenRandom on XP or later, and fallen back to the deterministic approach on Win9x, and this bug would've been avoided.