Google Project Zero is changing how cybersecurity vulnerabilities are disclosed by announcing bugs publicly within a week of reporting them. This initiative aims to reduce the โupstream patch gapโ and improve communication between vendors and end-users to enhance overall security. #MicrosoftWindows #GoogleBigWave
Keypoints
- Google Project Zero now publicly discloses reported bugs within one week to increase transparency.
- The traditional 90+30 timetable remains, but earlier public alerts aim to address patching delays.
- The focus is on reducing the โupstream patch gapโ caused by delays in integrating patches into end-user devices.
- A new transparency page will describe affected products and report dates without revealing technical details.
- Since June 1, six vulnerabilities have been reported, including issues in Microsoft Windows and internal Google products.
Read More: https://therecord.media/google-project-zero-publicly-announce-vulnerabilities-week-after-reporting