Microsoft Windows App developers are bound by the deadline to fix all the vulnerabilities in their applications that are marked as "critical" or "important", which are the two top marks in Microsoft's system for tagging security threats.
The new policy also applies to Microsoft's own Office applications and Azure, a period of 180 days to fix security threats includes Metro and "non-metro" apps in the Windows Store for Windows 8 and Windows RT, applications in Windows Phone Store, Office Store , e-mart for "third party" apps, add-ons for Microsoft productivity suite, and Azure Marketplace where users and businesses buy and sell SaaS (Software as a Service) applications as well as data collection, including demographic and financial data sets.
Microsoft says that this will not affect the change of terms of agreement which has already been signed with the developers, since they already have clause by which Microsoft can remove applications for other reasons mentioned in the contracts.