Software vendors should respond to actively attacked vulnerabilities within seven days, Google says
Google wants vendors to fix or offer mitigation advice for previously unknown and actively exploited software vulnerabilities within seven days of their discovery.