Microsoft has a zero-day vulnerability in Windows 7 that remains unpatched, Google revealed in a blog post yesterday. It’s one of two zero-day vulnerabilities that, along with one in Google Chrome, hackers were exploiting to send malicious code to users.

The unpatched Windows 7 vulnerability lets hackers escalate local privileges to execute malicious code. Google wrote in its blog post that it’s only seen Windows 7 32-bit systems contain this vulnerability. Older versions before Windows 7 may also be at risk.

Microsoft has told Google it’s aware of the issue and is working on a fix, but it’s already 10 days late addressing the problem. It tells The Verge, “Microsoft has a customer commitment to investigate reported security issues and…

Continue reading…