ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Other Software > Developer's Corner

Microsoft gives app developers 180 days to fix bugs


But the Redmond giant has also announced a change to the Security Policy for its Store Apps, in order to make the apps available on Windows Store, Windows Phone Store, Office Store, and Azure Marketplace safer for users.

"The policy, which is effective immediately, requires developers to fix security vulnerabilities in their apps and enables Microsoft to remove an app from sale if the developer does not provide an effective fix. The requirement applies to all apps available in the online stores, including Microsoft apps," the company explained.

"Developers will have a maximum of 180 days to submit an updated app for security vulnerabilities that are not under active attack and are rated Critical or Important according to the Microsoft Security Response Center rating system. The updated app must be submitted to the store within 180 days of the first report that reproduces the issue."
--- End quote ---

So ... is this a bad thing!?

I think I'm missing the story, or maybe the subtext.

Just a heads up, posted in the Developers Corner, for those that need to know.

It doesn't seem like too bad a thing. It's only Critical and Important issues, and only *IF* reported AND the vulnerability is reproduced. And it's 6 months. That gives the smaller developers time.

This can only be good for consumers. Half a year seems a very long time for exploits to be developed? I understand it might take longer than a month, but maybe the only way to push this policy through Microsoft and their partners was to be generous with the time limit, with the hope that it might be changed in the future.


[0] Message Index

Go to full version