Just days before the planned hard fork of Ethereum (Byzantium), the developers discovered a denial of service (DoS) attack bug in the popular node software Geth. The developers were forced to release a new version of Geth mere hours before the planned hard fork.
The problem is, as of right only 2% of nodes have installed the new version of Geth, leaving the other outdated nodes vulnerable. Approximately 75% of Ethereum nodes currently use Geth. That leaves a large number of vulnerable systems.
In line with this, Parity, the other node responsible for 25% of all Ethereum nodes also released a new version fixing a consensus bug. The parity release has seen a 20% adoption rate so far, also leaving many nodes exposed to this potential bug.
Time will tell whether most of the nodes will adopt the new versions in time for the hard fork. If the Geth nodes are not updated, they could become targets of coordinated DoS attacks to take Ethereum nodes offline. The ethereum community is no stranger to these kind of attacks.
All of this said, some developers are questioning the integrity of the approach being used to release hard forks. There's also talks of possibly postponing Byzantium. However, this in itself is a challenge as the hard fork date is hard coded into the software to trigger at a specific block number. Postponing would require all nodes to update their software before the planned hard fork date.
The Parity team suggested via a Tweet that they would be more comfortable postponing the hard fork.
The moral of the story is hard forks..are well, hard - in more way than one.