Google revealed yesterday that two zero-day vulnerabilities — one in Chrome and one in Windows — let hackers send malicious code to users. The vulnerabilities were discovered on February 27th, and Google has since patched Chrome, but Windows is still vulnerable.
The unpatched Windows vulnerability lets hackers escalate local privileges to execute malicious code. Google wrote in its blog post that it’s only seen Windows 7 32-bit systems contain this vulnerability. Older versions before Windows 7 may also be at risk.
Microsoft has told Google it’s aware of the issue and is working on a fix, but it’s already 10 days late addressing the problem. It tells The Verge, “Microsoft has a customer commitment to investigate reported security issues…
Go to Source
Author: Shannon Liao