Releasing a new piece of software to only find its filled with security holes is probably an experience developers aren’t too fond of experiencing. If they’re developing software for be included in Windows Store, Windows Phone Store, Office Store or Azure Marketplace, then they should now know Microsoft is only giving them 180 days to patch their software.
Developers are required to submit an updated application within 180 days once Microsoft notifies them of a “critical” or “important” security issue that has been discovered. In Microsoft’s announcement, the company says they “realize there may be rare cases where a developer needs more than 180 days. Should that occur – it hasn’t so far – we’ll work with the developer to get an updated app replacement as soon as possible.”
If a developer isn’t able to provide an updated application within the 180 days Microsoft requires, and hasn’t contacted them to request an extension, then the application will proceed to be removed from the marketplace it’s been submitted to. Although, if you can’t issue an update to your application within six months, then we don’t see why Microsoft shouldn’t remove your app from their stores.