In a later post another Project Zero research member said the issue is expected to be patched on November 10.

While another said “this is targeted exploitation and this is not related to any US election related targeting”. The zero-day vulnerability affects both Windows 7 and Windows 10 machines.

Details on the vulnerability were submitted to the Project Zero discussion board on October 22, with Google giving Microsoft one week to resolve the issue. However, this deadline passed without a relevant fix being pushed out so after the seven days were up details on the flaw was released to the public.

Speaking about the issue, Microsoft released a statement which said: “Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers.

“While we work to meet all researchers’ deadlines for disclosures, including short-term deadlines like in this scenario, developing a security update is a balance between timeliness and quality, and our ultimate goal is to help ensure maximum customer protection with minimal customer disruption.”


Please enter your comment!
Please enter your name here