Google sticks to its guns, will continue to publicly disclose security vulnerabilities

Angry child

Google risks incurring the wrath of its competitors after announcing it will continue to disclose any security vulnerabilities that are not fixed within 90 days.

The search engine giant’s "Project Zero" identifies high-profile bugs with the aim of creating more secure products for customers everywhere. However, recently the scheme has been criticized as a way for Google to embarrass its technology rivals.

In January, Microsoft requested that Google not reveal a security bug, as it was due to be corrected in the upcoming "Patch Tuesday" release. However, Google refused to budge on its 90 day policy and disclosed the vulnerability anyway.

According to Business Insider, Microsoft’s security research group director Chris Betz was among those to criticize the search giant.

"The decision feels less like principles and more like a 'gotcha', with customers the ones who may suffer as a result", he wrote in a blog post. "What’s right for Google is not always right for customers. We urge Google to make protection of customers our collective primary goal".

Similarly, Google revealed another Windows 8 security flaw just a few weeks prior to the Patch Tuesday release. The firm has also reportedly identified 43 potential vulnerabilities in Apple products and 39 involving Adobe software.

While some industry experts have praised Google’s strict policy, other have criticised the company as hypocritical. Despite the extensive database of errors identified by Project Zero, there is not a single flaw listed involving Google products.

Moreover, Google actually refused to patch a major Android vulnerability previously, arguing consumers should instead simply update to the latest version of the operating system to counter the threat.

Although watching technology giants take lumps out of each other in public is perhaps not the most dignified spectacle, Google’s monitoring of the security landscape is likely to prove beneficial in the long run for consumers. Late last year, it was revealed that PayPal took 18 months to patch a security bug, something that is unlikely to occur under Google’s watchful gaze.

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Image credit: ollyy/Shutterstock

13 Responses to Google sticks to its guns, will continue to publicly disclose security vulnerabilities

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.