Google’s Project Zero giving companies more time to roll out patches before disclosing details
April 16, 2021
The Project Zero team today announced an updated vulnerability disclosure policy for 2021. It follows changes made last year to better address perennial concerns from the broader security community.
In short, the Google security team in 2021 will wait 30 days before sharing technical details of a vulnerability that has been patched within the 90- or seven-day (for a zero-day) deadlines. That…