Google Project Zero: 95.8% Of All Bugs Are Now Fixed By Defenders Before Attackers Can Do More Harm

Bug Tracking
Photo Credits: zdnet.com

There was a 90-day deadline to fix all the technical bugs that are happening in software, and the Google Project Zero reported to the vendors that the 95-8% of the viruses would be set before that deadline. Now it is quite a batting average for one of the world’s most popular and trusted security programs. Moreover, as per a statistic shared on Wednesday last week, Google’s elite security team stated that when July 17, 2014, the project Zero was started, until July 30, the last week, users reported total 1,585 technical vulnerabilities among a various software and hardware vendors.

Google also said that there was a time when the vendors failed to deliver their patches and only produced 66 reports before the final deadline has expired. And that resulted in researchers forced to publish reports about those technical vulnerabilities before they fix everything to make the users secured.

Google also adjusted its disclosure deadline back in 2015

In the Google Project History, the standard delivery deadline was superb strict, 90 days that started from 13, 2015 and Google also added a 14-day grace period so that they could extend the delivery under any circumstances. Google also said that this thing had helped them a lot in improving and fixing bugs, and within the strict deadline, the vendors would work hard to achieve their technical fixes. As planned, the strategy helped out a lot, and that also affected the efficiency and statistic of the overall program.

Google also said that this strategy helped them fix over 1224 issues within 90 days and 174 questions in 14 days. And there were 36 vulnerabilities that they disclosed because no patch was seen. Or in other words, 97.5% of issues are fixed under that strict deadline.

References:

https://googleprojectzero.blogspot.com/p/vulnerability-disclosure-faq.html

https://googleprojectzero.blogspot.com/2016/10/taskt-considered-harmful.html

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html