Security Slice: Project Zero Day Problems

Google’s Project Zero recently published a new Window’s 8.1 bug along with exploit code. Project Zero gives vendors a 90-day window for a fix before an exploit goes live and Microsoft failed to respond in time; so Google’s team decided to publish the vulnerability before a patch was available.
Did Google give Microsoft a fair shot at a fix?
Listen to our latest security slice podcast and hear Ken Westin, Tyler Reguly and Craig Young discuss the potential impact of Project Zero on software vendors’ security behavior, why publishing the exploit code for this vulnerability may not introduce new risks to consumers and the relative “fairness” of Project Zero’s 90-day timeline.