Bad guys salivate when security problems are fixed by a company. They realize that they have the potential to exploit vulnerabilities that they did not previously know about.
Hackers are able to reverse engineer patches.
Hackers will review all published issues before releasing a patch. The hacker will often be able to read the article of the publisher and gain a better understanding of the severity of the vulnerabilities being patched. If one believes that the patch is urgent because of a high-risk vulnerability, then there’s motivation for the bad guys to reverse engineer it with the aim of finding the problem.
The hacker will then create an exploit to exploit the vulnerability.
Now the bad guy knows exactly what the patch did. Hackers will now be able to identify the steps required to exploit the vulnerability. Hackers will often find an unpatched system, then get to work. Others will create virtual machines to test the process in their lab before releasing it into the wild.
Hackers can now identify systems that are not patched and launch attacks.
Everybody, even the bad guys, knows that patch management is lacking within many organizations. This is a huge opportunity for hackers to exploit every system they can. Companies eventually catch up with their patches and close the loophole. It may be too late. Organizations that don’t respond quickly to a breach may have already suffered a serious injury or worse.
Many hackers wait for patches to be made available. The hackers then work their magic to figure out the patch and profit from the companies that aren’t up to speed when it comes security and patch management.
What is the moral of this story?
Make sure you understand and test the patch before it is released.