Microsoft is tightening up the security requirements for apps listed in the Windows Store, Windows Phone Store, Office Store and Azure Marketplace. If developers are notified of a security vulnerability, they must post an update within 180 days or Microsoft will take down the offending app. Microsoft's Dustin Childs added, “This assumes the app is not currently being exploited in the wild. In those cases, we’ll work with the developer to have an update available as soon as possible and may remove the app from the store earlier.”
According to the latest (ISC)² Global Information Security Workforce Study (GISWS), application vulnerabilities are the number one IT security concern for enterprises.