Microsoft Announces New Security Policy For Windows Store, Windows Phone Store And Office Store Apps

2

Microsoft today announced a new security policy for 3rd party apps in Windows Store, Windows Phone Store and Office Store. According to this policy, the developer should submit an updated app which fixes the publicly reported security vulnerability within 180 days.

Today we are announcing a new policy for how we’ll handle vulnerabilities in apps available through the Windows Store, Windows Phone Store, Office Store, and Azure Marketplace. As with second Tuesday, we’re doing this to help protect customers and to ensure the apps available in our stores are as secure as possible. Starting today, developers will be required to submit an updated app within 180 days of being notified of a Critical or Important severity security issue. This assumes the app is not currently being exploited in the wild. In those cases, we’ll work with the developer to have an update available as soon as possible and may remove the app from the store earlier.

We also realize there may be rare cases where a developer needs more than 180 days. Should that occur – it hasn’t so far – we’ll work with the developer to get an updated app replacement as soon as possible.

Source: Microsoft

Microsoft today announced a new security policy for 3rd party apps in Windows Store, Windows Phone Store and Office Store. According to this policy, the developer should submit an updated app which fixes the publicly reported security vulnerability within 180 days.

Today we are announcing a new policy for how we’ll handle vulnerabilities in apps available through the Windows Store, Windows Phone Store, Office Store, and Azure Marketplace. As with second Tuesday, we’re doing this to help protect customers and to ensure the apps available in our stores are as secure as possible. Starting today, developers will be required to submit an updated app within 180 days of being notified of a Critical or Important severity security issue. This assumes the app is not currently being exploited in the wild. In those cases, we’ll work with the developer to have an update available as soon as possible and may remove the app from the store earlier.

We also realize there may be rare cases where a developer needs more than 180 days. Should that occur – it hasn’t so far – we’ll work with the developer to get an updated app replacement as soon as possible.

Source: Microsoft

About Author

Pradeep, a Computer Science & Engineering graduate.

  • grs_dev

    Seems reasonable…

  • Agosto Nuñez

    Security over all.