Microsoft has announced this week that it will be removing Windows Phone apps that the company deems to have critical vulnerabilities. Microsoft notes in a TechNet blog post that developers will be provided 180 days to patch the issues in their app or their work will be pulled from the store, preventing consumers from accessing the app from their smartphones or via the web.
The 180 day guideline is in place for apps that have not been exploited in the wild. For those that have vulnerabilities and have been exploited, Microsoft reports that it may look at removing said offending app even sooner. This policy spans across the Windows Phone Store, but it will also cover the Office Store and Azure Marketplace.
Dustin Childs, the Group Manager for Response Communications for Microsoft Trustworthy Computing, noted the following in a previous blog post:
"We want our customers to know that, if there's a problem, we'll be working on a solution. But there are some things that can affect your computing experience that I can't directly control. For example, we can't directly update third-party apps that you install from the Windows Store if they have a problem. But we can influence when they get updated."
Microsoft actively publishes vulnerabilities found in its own suite of apps and services, including Internet Explorer. We welcome this move by Microsoft to really tackle the issue with app security and third-party developers. We've previously looked at the issue with spam apps on the Windows Phone Store and while Mcirosoft has been slow to act on such content, it's definitely more important to square away potential security threats.
Windows Phone is still growing as a platform and Redmond certainly needs to show the world of consumers that it's both safe and secure to use Windows Phone and apps available on the store, especially if it's to heavily promote the likes of Kid's Corner.