Microsoft has fully embraced the app store model for many of its current products., That includes Windows Phone 8 and Windows 8, which recently went over the 100,000 apps mark in the Windows Store. However, some third party apps that are published by Microsoft in those stores could have security problems that are discovered later. Today, Microsoft said that any third party apps that are released via their download store fronts will be required to update their apps if a major security issue is found.
In a post today on Microsoft's Security Response Center blog, the company went over their new policies for third party app security updates. The policy covers apps published in the Windows Store (Windows 8) Windows Phone Store (Windows Phone 7/8) along with the Office Store (Office 2013/365) and Azure Marketplace (Windows Azure). The blog states:
Starting today, developers will be required to submit an updated app within 180 days of being notified of a Critical or Important severity security issue. This assumes the app is not currently being exploited in the wild. In those cases, we’ll work with the developer to have an update available as soon as possible and may remove the app from the store earlier.
The blog adds that Microsoft will work with any app developer who discovers they need more than 180 days to fix any security issue with their apps.
Source: Microsoft | Image via Microsoft