Google Search page (Photo : Reuters)
Project Zero is a Google initiative that tests various programs and software developed by other companies to detect loopholes and bugs hackers can exploit.
Upon detection of exploit points, Google notifies the software developer and from there the developer is given 90-days to come out with a patch that remedies the flaw before the app is released into the public domain. Google recently announced it will extend this grace period.
Under the new grace period, Google won't release the loopholes its detected to the public as long as software companies can provide a patch within the next 14 days from detection of the problem, according to PCmag .
Google said the 90-day period given to software companies further encourages companies fix their system before malicious intruders can infiltrate it and do more damage.
Recently, Google and Microsoft had a tussle in which the former informed the public about a Microsoft vulnerability a few days before Microsoft was to have released a patch. Microsoft was outraged, saying the 90-day period wasn't enough time for them to patch the problem.
The recent loosing-up of the grace period is a relief to companies since they know Google won't publish their software bugs as long as they're able to patch it in time.
"While it is positive to see aspects of disclosure practices adjust, we disagree with arbitrary deadline because each security issue is unique and end-to-end update development and testing time varies", said Microsoft senior director for security response center, Chris Bets, to Computer World, .
