Google regularly reports serious vulnerabilities that it discovers across different platforms. It recently reported two zero-day vulnerabilities, those that were previously unknown publicly, one affecting its Chrome browser and the other affecting Windows 7. The company mentioned that both of them were being exploited together. Google has released an update for Chrome to patch the exploit but Microsoft is yet to send out an update.
Hackers were exploiting the two vulnerabilities to send malicious code to unsuspecting uers. Google pushed out the fix for it through Chrome auto-update. It has encouraged users to immediately update the Chrome browser on their machines to ensure that they remain protected.
The zero-day vulnerability that it discovered in Windows 7 was enabling hackers to execute malicious code on the system. Google says that it found that only Windows 7 32-bit systems have this vulnerability. It’s possible that older versions before Windows 7 may also be at risk.
Google says that it reported the vulnerability to Microsoft when it was discovered and that the company has told them it’s working on a fix. It has been ten days since this vulnerability was disclosed and a fix is yet to arrive. Microsoft tells The Verge that it has a “customer commitment to investigate reported security issues and proactively update as soon as possible.”