Microsoft has today announced that it has warned Windows App developers that they need to clean up their in-app security act and patch serious vulnerabilities within the next 180 days or their applications will be pulled from the Windows Phone Store by Microsoft.
The Microsoft policy was announced by the Microsoft Security Response Center (MSRC) on Tuesday together with the release of July’s Patch Tuesday flaw-fixing slate.
New Security Policy for App Developers
Effective immediately, Microsoft Windows App developers must fix vulnerabilities in their apps rated “critical” or “important”, the top two rankings in Microsoft’s four-step threat-scoring system. This new policy aims to enhance the overall security of the Windows ecosystem by ensuring that all applications meet stringent security standards. Developers are now under increased pressure to regularly audit their code and respond swiftly to any identified security issues.
Microsoft’s own Windows, Office, or Azure apps are also covered by the new policy. This move underscores Microsoft’s commitment to security across its entire suite of products and services. By holding its own applications to the same standards as third-party apps, Microsoft is setting a precedent for accountability and security.
Implications for Developers and Users
Computer World explains that Apps under the 180-day watch include:
“Apps in the Windows Store, which feeds “Modern,” née “Metro,” apps to Windows 8 and Windows RT; the Windows Phone Store, the Office Store, the e-mart for third-party apps and add-ons for Microsoft’s productivity suite; and the Azure Marketplace, where customers and companies buy and sell “Software as a Service” (SaaS) applications as well as data collections, including demographic and financial datasets.”
This comprehensive policy affects a wide range of applications, from consumer-focused apps in the Windows Store to enterprise-level solutions available in the Azure Marketplace. Developers who fail to comply with the new security requirements risk having their applications removed, which could lead to a loss of revenue and user trust.
For users, this policy is a significant step forward in ensuring that the apps they download and use are secure. With the increasing number of cyber threats, having a robust security framework in place is essential. Users can now have greater confidence that the apps they are using have been vetted for security vulnerabilities and are less likely to be compromised.
Steps Developers Should Take
To comply with the new policy, developers should take several proactive steps:
1. Regular Security Audits: Conduct regular security audits of their applications to identify and fix vulnerabilities.
2. Update Libraries and Dependencies: Ensure that all third-party libraries and dependencies are up-to-date and free from known vulnerabilities.
3. Implement Secure Coding Practices: Follow best practices for secure coding to minimize the risk of introducing new vulnerabilities.
4. User Education: Educate users about the importance of keeping their apps updated to benefit from the latest security patches.
By following these steps, developers can not only comply with Microsoft’s new policy but also contribute to a safer digital environment for all users.
Microsoft’s new policy is a clear message to developers about the importance of security in today’s digital landscape. With cyber threats becoming more sophisticated, it is crucial for developers to prioritize security in their development processes. This policy not only protects users but also helps maintain the integrity and reputation of the Windows ecosystem.
Source: Computer World : Microsoft :
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
