
Dual_EC_DRBG was a little different. It introduced an asymmetric key that only the NSA had the private key for. So only the NSA was able to exploit it. If they were to make stuff complex generically with the hope of it being buggy, it would lead to bugs that other intelligence agencies could exploit.



Do they really care though? NSA's previous handling of zero days [1] suggests that they care more about advancing their offensive capabilities even if it means putting critical public infrastructure at risk.

[1]: https://news.ycombinator.com/item?id=12365629


This still assumes that intelligence agencies are good at keeping their backdoors to themselves, which is not necessarily the case.



