NewsGoogle Will Give Developers 2 Extra Weeks to Fix Vulnerabilities

Google Will Give Developers 2 Extra Weeks to Fix Vulnerabilities

Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Google’s Project Zero has recently publicly disclosed security vulnerabilities in several popular applications, including some made by Microsoft. The disclosures were controversial because Google gave the developers just 90 days to fix the bugs before it made the information public. In response to the criticism, Google is adding a 14-day grace period to its disclosure deadline.

A Google blog post explained, “We believe the policy updates are still strongly in line with our desire to improve industry response times to security bugs, but will result in softer landings for bugs marginally over deadline.”

According to Google, 95 percent of the bugs that the Project Zero team finds and reports to software developers are fixed within 90 days.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories