Well, to be fair, not one that you are aware of. I can’t speak to any actions that we may or may not have taken on those who may have used an exploit. What I can say is that in some situations, to echo what Leviathan mentioned, on issues that we may not have a fix, we’ll generally hold off on penalty until we do have a fix ready. I can’t say that will happen in the case you are referring to, but there may be a rude awakening at some point.
Entirely different issues. Some things have such simple resolutions that it is literally a matter of clicking a box, or changing a 2 to a 0 in a line of code. Other issues, may require a small feat of programming, or restructuring a fundamental feature in order to address the issue. Those kinds of changes can’t be done in a hotfix or a binary update, it requires extensive testing and must be included in a content patch.
I’ll answer the second part first… We, the collective Blue “We”, don’t generally post about potential exploits, especially if we don’t have an immediate resolution for them, to avoid attracting more people to try them out.
As for the inconsistency, we actually are extremely consistent based on the issue but you’d have to know the differences with those to have insight.