Google’s Project Zero will wait longer before disclosing security flaws – Engadget

Google’s Project Zero security team will wait an extra 30 days before disclosing vulnerability details so end-users have enough time to patch software, Google has announced. That means developers will still have 90 days to fix regular bugs (with a 14-day grace period if requested), but Google will wait an additional 30 days before disclosing the details publicly. For flaws being actively exploited in the wild (zero day), companies still have seven days to patch, with a three-day grace period on…

Click here to view the original article.