Google’s Project Zero announces changes to its Disclosure Policy. All vulnerabilities will be released after 90 days by default regardless of when a bug is fixed. Project Zero is trialing a new policy for bugs reported starting January 1, 2020. The goal is to provide a more consistent, and fair way to release patches, wrote Project Zero’s Tim Willis in a blog post. It hopes to create equity among vendors so no one company, including Google, gets preferential treatment. Last year, 97.7% of issues were addressed under the 90-day deadline.”]