The Google Project Zero team said that around 95.8% of the security bugs they find in other software and report to their respective vendors get fixed before the 90-day deadline for a public disclosure expires. From a report: That’s quite the batting average for one of world’s most infamous cybersecurity programs. In a statistic shared on Wednesday, Google’s elite security team said that during its whole history — from July 17, 2014, when Project Zero was created and until July 30, this week — its researchers found and reported a total of 1,585 vulnerabilities to a wide range of hardware and software vendors. Of these, Google said that vendors failed to deliver a patch before the final deadline expired only for 66 reports. As a result, its researchers were forced to make vulnerability technical details public before a fix was made available to users.
Read more of this story at Slashdot.
Source:
https://tech.slashdot.org/story/19/08/02/1524204/google-project-zero-958-of-all-bug-reports-are-fixed-before-deadline-expires?utm_source=rss1.0mainlinkanon&utm_medium=feed