by kbenson 2447 days ago
Because blackhats look through updates to determine what has been fixed by reversing the change, and try to capitalize on the time between an update being available and it being widely deployed. The more you raise awareness of people that might be susceptible to attack in that time frame to get them to update sooner than automated systems would allow, the fewer victims there are to exploit.

I imagine there's probably a short time after update release, almost definitely in the single- or double-digit hours range, where you might be helping the blackhat that would reverse it do it quicker, but it's probably hard to do more harm than benefit by releasing the details earlier rather than later.