Google recently patched a zero-day flaw in its Chrome web browser, but a second one that affects Windows 7 is still being actively exploited. Google relayed the information about the vulnerability to Microsoft, and the Windows company has responded directly to Google that a fix is in the works. Of course, there’s no timeline given, so Windows 7 users are vulnerable.
Based on the vulnerability that only affects Windows 7, Google is providing this guidance:
As mitigation advice for this vulnerability users should consider upgrading to Windows 10 if they are still running an older version of Windows and to apply Windows patches from Microsoft when they become available. We will update this post when they are available.