Google just disclosed a major Windows bug and Microsoft isnt happy
See the original posting on The Verge
Today, Googles Threat Analysis group disclosed a critical vulnerability in Windows in a public post on the companys security blog. The bug itself is very specific allowing attackers to escape from security sandboxes through a flaw in the win32k system but its serious enough to be categorized as critical, and according to Google, its being actively exploited. As a result, Google went public just 10 days after reporting the bug to Microsoft, before a patch could be coded and deployed. The result is that, while Google has already deployed a fix to protect Chrome users, Windows itself is still vulnerable and now, everybody knows it.
Googles disclosure provides only a general description of the bug, giving users enough information…