Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Google has publicly identified a "high-severity" security flaw that affects several versions of Microsoft's browser and could allow an attacker to execute malicious code.
The disclosure is complicated by the fact that Microsoft has yet to release a patch despite having been notified by Google of the issue last November. Google has a practice of going public with security issues 90 days after privately reporting issues to the software maker in question.
Ivan Fratric, the Google researcher who identified the issue, said he expected Microsoft to fix the issue before the deadline.
"I will not make any further comments on exploitability, at least not until the bug is fixed," he said, according to Ars Technica. "The report has too much info on that as it is (I really didn't expect this one to miss the deadline)."
For its part, Microsoft said it had hoped Google would give it more time.
"We believe in coordinated vulnerability disclosure, and we've had an ongoing conversation with Google about extending their deadline since the disclosure could potentially put customers at risk," a Microsoft representative told Axios.
Microsoft also canceled this month's regularly scheduled "Patch Tuesday" on which it typically issues security updates, though the company sometimes pushes especially important fixes outside the monthly schedule.