The ignorant here is you and massively so. First, this is about what to do once a vulnerability is known. You, know, the time when it becomes really, really dangerous to leave it unfixed because all the script-kiddies start attacking it. And then, whoever said anything about you having to come up with patch yourself? That is the closed-source mind-set where every modification of software is almost a criminal act, to be committed in solitude and secrecy. Yes, somebody has to come up with a patch, and there are people out there that have a lot better skills at this than you (and yes, I mean you specifically) and can do it, and that still do not work for the vendor. If any one of them publishes a patch, the worst you have to do is verify it solves the problem, but even that is in basically all cases replaced by peer-review among those that have the required skills. This process works and has worked for decades. It is the main reason Linux exists.
Your hostility towards open source does one thing: It makes you look very, very stupid. It also makes you look like somebody that enjoys being at the mercy of a vendor, like a good little follower that submits to authority because that obviously is how one must live.