Microsoft has tightened the security requirements for apps available on its online stores, while providing plenty of wiggle room to avoid alienating much-needed developers.
The policy introduced Tuesday places the responsibility of fixing vulnerabilities on developers, who face having their apps yanked for non-compliance. The new rules are effective immediately on the Windows Store, Windows Phone Store, Office Store and Azure Marketplace.The requirements are unlikely to scare away the majority of developers. Microsoft is giving them a maximum of 180 days from the time a vulnerability is confirmed to submit an updated app.
The timeline applies to vulnerabilities that are rated critical or important, but are not under attack. The ratings will be based on the system outlined in the Microsoft Security Response Center.
While Microsoft has the right to pull apps from its stores, it is unlikely to do so very often under the generous timeline. To date, no developers have taken that long to fix a security problem, says Microsoft.
SOURCE: csoonline.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…