Google Relaxes Project Zero Bug Disclosure Policy

by

googlesearchGoogle's security team Project Zero recently announced some changes to its bug disclosure policy after controversially exposing Apple and Microsoft security flaws when the companies failed to meet the 90-day deadline. The new disclosure deadline has a 14-day grace period and excludes weekends and public holidays, providing tech companies with more time to properly address security vulnerabilities in their software.

"We now have a 14-day grace period. If a 90-day deadline will expire but a vendor lets us know before the deadline that a patch is scheduled for release on a specific day within 14 days following the deadline, the public disclosure will be delayed until the availability of the patch."

Project Zero is a security team consisting of experienced programmers that look through the code of Google and several of its competitors to discover security flaws, like those uncovered in OS X Yosemite back in January. The team immediately discloses any vulnerabilities found to vendors, providing them with a 90-day deadline to release a software patch before sharing the vulnerabilities with the public.

The role of Google playing security watchdog for other companies has been the subject of much debate, with some believing that the company has a disingenuous agenda and others claiming that it is taking appropriate action. Google claims that it holds itself to the same 90-day policy it enforces on other tech companies, with bugs in the pipeline for Chrome and Android that are subject to the same deadline policy.

Tags: Google, Project Zero

Popular Stories

Apple Watch Ultra 2 Complications

Apple Watch Ultra 3 Just Weeks Away: Eight Reasons to Upgrade

Wednesday August 20, 2025 6:44 am PDT by
We're only weeks away from Apple's annual iPhone event – rumored to take place on September 9 – and along with the new iPhone 17 series, we're going to get a new version of the Apple Watch Ultra for the first time since 2023. By the time the Ultra 3 is unveiled, it will have been two years since the previous model arrived. The intervening period has left plenty of room for enhancements,...
Read Full Article70 comments
apple wallet drivers license feature iPhone 15 pro

iPhone Driver's Licenses in Apple Wallet Now Available in 10 U.S. States

Wednesday August 20, 2025 12:00 pm PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. This week, Apple announced the 10th U.S. state that has implemented the feature: Montana. Below, we have recapped key details about...
Read Full Article67 comments
iPhone 17 Pro on Desk Centered 1

iPhone 17 Pro Launching Next Month With These 12 New Features

Wednesday August 20, 2025 1:23 pm PDT by
Apple's iPhone 17 Pro and iPhone 17 Pro Max should be unveiled in a few more weeks, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X through iPhone 14 Pro...
Read Full Article
airpods pro 2 green

Apple Releases New Beta Firmware for AirPods Pro 2 and AirPods 4

Tuesday August 19, 2025 11:25 am PDT by
Apple today provided developers with updated beta firmware for the AirPods Pro 2 and AirPods 4, allowing them to test the new AirPods features in iOS 26, iPadOS 26, and macOS Tahoe. The firmware is only available to developers at the current time, and a device running iOS 26, iPadOS 26, or macOS 26 is required to install the update. The firmware has a build number of 8A5343a, up from 8A5324b. ...
Read Full Article29 comments
iPhone 17 Pro Dark Blue and Orange

When Is iPhone 17 Coming Out?

Wednesday August 20, 2025 5:00 am PDT by
Apple's iPhone 17 series is expected to debut in September 2025. This release follows Apple's recent trend of introducing new iPhone models annually in the fall. To unveil the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max, Apple is expected to hold its annual iPhone announcement event during the week of September 8, 2025, with September 9 or 10 emerging as the most likely...
Read Full Article
TechWoven

Apple Rumored to Launch 'TechWoven' Cases for iPhone 17 With 'Crossbody Strap' Option

Wednesday August 20, 2025 8:21 am PDT by
Apple is planning to launch a new "TechWoven" line of cases for the iPhone 17 series, according to a leaker known as "Majin Bu." Two years ago, Apple stopped selling leather iPhone cases, as part of the company's efforts to reduce its carbon emissions. As an alternative, Apple introduced a new "FineWoven" line of fabric iPhone cases made from 68% post-consumer recycled content, but they were ...
Read Full Article148 comments
Generic iOS 18

iOS 18.6.2 Update Coming Soon for iPhones

Tuesday August 19, 2025 9:29 am PDT by
Apple's software engineers are testing iOS 18.6.2, according to the MacRumors visitor logs, which have been a reliable indicator of upcoming iOS versions. Yesterday, an anonymous source with a proven track record said iOS 18.6.2 was incoming, but the update was not present in our logs at that time. Last year, the same anonymous source claimed that iOS 17.5.2 was in the pipeline, but Apple ...
Read Full Article24 comments

Top Rated Comments

viorelgn Avatar
viorelgn
137 months ago
How many Android phones are out there with vulnerabilities unpatched? Google is doing this to sabotage their competitors. I don't believe their humanitarian story one bit.
Score: 44 Votes (Like | Disagree)
sualpine Avatar
sualpine
137 months ago
Oh gee, Google, thanks. Thank you so much for being less of an ass trying to audit every single other company's software, except for your own. Has the Lollipop memory leak been fixed yet? Where is 5.0.3?
Score: 30 Votes (Like | Disagree)
kuwxman Avatar
kuwxman
137 months ago
The normal Google haters in here ignoring that them doing this is a good thing for everyone...
Score: 22 Votes (Like | Disagree)
Musocat Avatar
Musocat
137 months ago
What a bunch of assbags.
Score: 22 Votes (Like | Disagree)
marzer Avatar
marzer
137 months ago
I don't see how this could be a bad thing. It's not like they are finding bogus issues, it's all been legitimate vulnerabilities. If Apple and MS were against it, they could step up their own internal efforts to find and fix vulnerabilities before a third party can expose them. I think this is a really good thing for users. It's a really good thing for security.
Score: 15 Votes (Like | Disagree)
till213 Avatar
till213
137 months ago
How many Android phones are out there with vulnerabilities unpatched? Google is doing this to sabotage their competitors. I don't believe their humanitarian story one bit.

I couldn't give less than a rat's ass for whatever reasons Google digs out security issues with their competitor's products. Someone does it. Security issues get fixed (or not). That's all that counts.

If Google doesn't reveal those issues, chances are that they go unnoticed by the good guys - but the bad guys are already exploiting them, so making security issues public after a grace period makes the world a better place.

It's that simple.
Score: 12 Votes (Like | Disagree)
Read All Comments