On October 31, Google publicly outed Microsoft for a critical zero-day security flaw in Windows 10 just 10 days after reporting the vulnerability to the firm. Today, as promised in a subsequent (and angry) blog post, Microsoft has patched up the hole and more in a round of updates.
The issue was said to allow hackers to easily work around the operating system’s (OS) security sandbox, letting them to execute harmful code, delete data and create user accounts with full access to the OS and “take control of an affected system,” Microsoft wrote in a security bulletin following its usual patch day.
In order to exploit the security hole, however, the end user would have to be tricked into opening an app created specifically for this purpose and remain logged in for the hacker to do any real damage. Back on November 1, Microsoft even claimed in that blog post that the flaw was not exploitable if you were running the then-latest version of its new OS. […]