A while ago Google announced its project zero, which is a team of security researchers, whose goal is to find bugs in software, so that you, dear user, can use the web and technology securely. They were very up front about how the team would work. They would report bugs and vulnerabilities that they have found to the companies or people responsible for maintaining the software. Google would give the developers 90 days to fix the bug and then let the world know about it.
It turns out that Microsoft Windows has a few bugs in it(who knew?). On more than one occasion Google discovered vulnerabilities in Windows. On two of these occasions Microsoft was notified of these vulnerabilities and was “unable” to patch the vulnerability before the 90 days elapsed. I have read many articles about this and I feel like they are almost all completely out to lunch. I won’t even link to them because I feel they are so poorly informed on this topic.
Read Full Article