VB Migration

Tag: project zero

  • Google relaxes disclosure policy following criticism

    Grace period added for vulnerabilities that are about to be patched. Last year, Google announced a new disclosure policy, where details of a vulnerability discovered by the company’s researchers would be published within 90 days of the affected vendor being notified, regardless of whether or not a patch had been released. If the vulnerability were…

  • Google’s Project Zero to hunt for zero-days

    Bugs to be reported to the vendor only, and to become public once patched. Google has created a new team, called Project Zero, whose task is to find vulnerabilities in any kind of widely used software and to report them to the respective vendor. Few subjects in security are as controversial as the disclosure of…