AI turns patches into working exploits in 30 minutes, and the 90-day disclosure window is the casualty
Key Points
- Security expert Himanshu Anand argues that AI language models have broken the traditional 90-day vulnerability disclosure process by allowing multiple people to find the same security flaws almost simultaneously.
- Using AI tools, attackers can now reverse-engineer security patches into working exploits in just minutes, eliminating the time vendors and administrators previously had to secure their systems.
- Anand recommends that vendors treat critical bugs as immediate emergencies, researchers shorten disclosure timelines, and administrators deploy patches instantly to keep pace with AI-assisted threats.
Language models find security flaws faster and turn patches into working exploits in minutes. A veteran researcher says the established disclosure process needs to change.
When someone finds a critical security vulnerability, the standard practice is to report it to the vendor and give them up to 90 days to ship a patch before going public. This model, popularized by Google's Project Zero, rests on four assumptions that security expert Himanshu Anand says no longer hold true.
- First, that the person who found the bug is most likely the only one who spotted it.
- Second, that even if other researchers discover the same flaw, they will take their own time.
- Third, that the vendor has a comfortable head start on writing the patch.
- Fourth, that after a patch ships, attackers still need days or weeks to reverse-engineer a working exploit.
Anand has spent more than a decade in cybersecurity, currently working as a Firewall Security Analyst at Cloudflare and previously at Symantec. His team, Water Paddlers, was a three-time consecutive finalist at the DEF CON hacking competition. In a detailed blog post, he walks through three real-world examples showing how AI language models undermine all four of those assumptions.
Eleven reporters, one bug, six weeks, and 30 minutes from patch to exploit
In April, Anand reported a critical flaw in an online store that let anyone complete purchases for zero dollars. The vendor's response: he was the eleventh person to report it in six weeks. A triage staffer Anand quotes describes the pattern: Once someone discovers a flaw using an AI tool, waves of nearly identical reports roll in within days. Anand's question is simple: if ten honest researchers find the same flaw, how many find it and stay quiet? That kills assumptions one and two. The vulnerability isn't exclusive, and parallel finders don't need extra time.
His second example involves React, the widely used web framework. After several security patches were released, Anand downloaded the source code diff and used a language model to help him build a working exploit. It took 30 minutes. Experienced reverse engineers used to need days for the same work. That eliminates assumption four. The window between patch and exploit, once a safety net for administrators, has effectively disappeared.
AI-discovered Linux flaw breaks embargo in hours
The most striking case involves the Linux kernel. In late April, the team Xint Code published a vulnerability called "Copy Fail," discovered through a one-hour AI scan. A 732-byte script gives attackers root access on nearly every Linux distribution going back to 2017. Within days, Iranian threat actors were exploiting the flaw to hijack servers for DDoS attacks.
A week later, researcher Hyunwoo Kim disclosed a vulnerability called "Dirty Frag." Kim had negotiated a five-day embargo with Linux distributions so they could prepare patches together. That embargo was broken within hours by third parties who had independently discovered and published the same class of vulnerability. By the time the details were circulating publicly, no distribution had a patch ready. Microsoft's Defender team confirmed active exploitation within 24 hours.
That takes out assumption three: vendors no longer have a coordinated head start, because the information simply can't be contained anymore.
Vendors, researchers, and admins all need to move faster
Anand draws specific recommendations for three groups. Vendors should treat critical bugs as P0 emergencies and fix them immediately, not work them into regular sprint cycles. The clock starts the moment a report comes in, not at the triage meeting. Researchers should push for shorter disclosure timelines instead of politely waiting 90 days. Anyone who finds a flaw is statistically no longer the only one who knows about it. And administrators should deploy patches immediately rather than waiting for the next monthly maintenance window.
Development teams, meanwhile, should integrate language models defensively into their pipelines, using them to automatically analyze patch diffs, continuously scan their own dependencies, and verify that deployed patches actually work. Attackers have already taken this step, Anand writes. "Right now, the attackers are winning that race."