Google's Project Zero disclosure program is supposed to encourage releases of security fixes in a timely fashion, but things haven't gone according to plan. Premature disclosures, half-hearted fixes and other issues have been a little too common. The company might address some of those problems in 2020, though. It recently revised its policies in a bid to encourage both more "thorough" security patches and wider adoption of those patches. Most notably, Google will wait 90 days to disclose a flaw even if it's fixed well ahead of that deadline. If developers act quickly, they'll have more time to both distribute patches and make sure that fixes address the root cause of a flaw.