Google to make critical security exploits public after 7 days
Despite opposition, Google will make critical security exploits public after seven days | The Verge: "Google’s security researchers are well known for uncovering vulnerabilities in other people's products. Standard operating procedure is to give the affected company sixty days before publishing the problem, keeping things under wraps until a fix can be shipped out. But when it comes to critical vulnerabilities that are actively being exploited, Google wants its researchers to cut that down to just a week. A post on its Online Security Blog explains the reasoning behind the seven-day guideline: "each day an actively exploited vulnerability remains undisclosed to the public and unpatched, more computers will be compromised." . . ."