Google prepares for a big change

With a post on the official blog, the Google team working on Project Zero has announced important news regarding the timing of dissemination of details relating to the vulnerabilities found and resolved from time to time.

The Mountain View giant says that it is happy with how their disclosure policy has worked over the past five years, as 97.7% of vulnerability reports are now resolved within 90 days while some problems in 2014 took six or more months before having a patch.

In 2020, partner companies will be given 90 days regardless of when the bug was solved: in practice, regardless of when the solution to a problem was found (20 days, 50 days or 90 days), the details related to it will always be disclosed on the ninetieth day.

Google Project Zero

The new goals of the Project Zero team include faster patch development and improved procedures to make these solutions available to users faster, a more in-depth way to deal with problems (to solve them at 360° and not only superficially) and the increase in users’ awareness of the need to update their devices to install a resolving patch of a certain bug.

These new rules will be adopted for a twelve-month trial period and only after that will Google decide whether to keep them or not.

Aidan Rogers
Aidan loves being described as Jack of all Trades. He is literally good at everything be it Singing, Writing, Games, Drifting, Hiking, Swimming and above all He is a good Teacher. He is also a web developer with over 100+ successful projects completed.
    0 0 votes
    Article Rating
    Notify of
    Inline Feedbacks
    View all comments

    You may also like

    More in:Global