MS spots remote security flaw in Google Chrome

"Our discovery of 'CVE-2017-5121' indicates that it is possible to find remotely exploitable vulnerabilities in modern browsers. Chrome's relative lack of remote code execution (RCE) mitigations means the path from memory corruption bug to exploit can be a short one," wrote Jordan Rabet, member of the Microsoft Offensive Security Research team, in a blog post late on Thursday.

"Chrome's process for servicing vulnerabilities can result in the public disclosure of details for security flaws before fixes are pushed to customers," Rabet added.

According to an Engadget report on Friday, Google immediately posted the fix for the remote flaw on GitHub.

"While the fix for this issue doesn't out the vulnerability, according to Microsoft, that hasn't always been the case. Microsoft believes that a fix should be applied before they are public knowledge," the report added.

The Microssoft-Google rivalry over security flaws in their products is not new.

Last year, Google disclosed a major Windows bug before Microsoft was ready to patch it.