Hackers Use Patches To Develop Exploits

Vulnerabilities are found in operating systems and applications on a virtually daily basis. Often, security experts feel like it is a race between the good guys and the bad guys. The belief is that if the vendor does not develop and release a patch quickly, some malicious developer will write an exploit for the vulnerability. It seems that this belief may be somewhat backwards. Indications are that the patch itself is often reverse-engineered to discover exactly what is patched so they can then determine how to exploit it. It seems that rather than picking through millions of lines of code and trying to find their own flaws, the developers of vulnerability exploits are lazy and wait for someone else to find them. Hackers Use Patches To Develop Exploits.