Google’s Project Zero is now being more considerate with how it discloses security vulnerabilities
Google’s Project Zero cybersecurity team is trialling a new policy where it won’t make security vulnerabilities public early after a fix has been issued. “Full 90 days by default, regardless of when the bug is fixed,” is the team’s new policy, which it will trial for a year before deciding whether to adopt it permanently.
Under the old system, Project Zero’s researchers would give vendors 90 days to fix an issue before making the problem public. However, if a patch was issued within that 90-day window, the team would disclose the vulnerability early. This can be a problem, because it means users have to rush to patch a vulnerability before hackers can exploit it. A vulnerability might be fixed by the company, but that doesn’t matter if the...
from The Verge - All Posts https://ift.tt/2sPjqjM