Google has disclosed a still-active vulnerability in the Edge and Internet explorer browsers that Microsoft apparently ignored for more than three months.
The Internet explorer bug was reported to Microsoft by a Google engineer and given 90 days to eliminate the error. The flaw was leaked as Microsoft failed to comply with the appointed timeframe. The flaw fundamentally allows ill-intended individuals to build websites that cause the browsers to spontaneously crash and to take control of your browser in certain cases, BBC reports.
The flaw has to do with the way the browsers handle instructions to format certain elements on some web pages. It currently affects Edge as well as Internet Explorer 11.
Microsoft has since released a statement, claiming it has a “customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible.”
Neither Google nor Microsoft acknowledged if the two companies had been in contact regarding this specific Internet E vulnerability following the delay of Patch , but Microsoft told SearchSecurity that it has asked Google about a more generous disclosure deadline.