"Google's security research database has after a 90 day timeout automatically undisclosed a Windows 8.1 vulnerability"
1. not made known or revealed: an undisclosed sum"
From that description i assume google has a database of recent security vulnerabilities (from the last 90 days).
Vulnerabilities are immediately public information, then after 90 days they are removed from the list as they arent recent, and assumed to be patched ?
Its the opposite and the person writing the description for the story should have said disclosed instead of undisclosed.
(sarcastic comment about reundisclosing the vulnerability so they can redisclose it in another 90 days)