Google is warning of a critical vulnerability in current versions of Windows that is unpatched and under active exploit by attackers.
Threat Analysis Group engineers Neel Mehta and Billy Leonard said Google had reported the flaw to Microsoft on October 22 (Australian time).
As Microsoft has not issued an advisory or fix for the vulnerability, Mehta and Leonard disclosed its existence as per Google's policy.
"This vulnerability is particularly serious because we know it is being actively exploited," the pair wrote.
The flaw exists in the Windows operating system kernel, and comprises a local privilege escalation that allows attackers to escape the security sandboxn.
Google's Chrome browser mitigates against the exploit by blocking win32k.sys system calls, which prevents the flaw being used to escape the sandbox.
Mehta and Leonard also reported a zero-day vulnerability to Adobe at the same time as they contacted Microsoft. Adobe issued an emergency patch for the CVE-2016-7855 on October 27 (Australian time).
_(20).jpg&h=140&w=231&c=1&s=0)
_(28).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
iTnews Benchmark Awards 2026
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
