Earlier this week the Google Security Team disclosed a pair of vulnerabilities, known to be exploited in the wild, one in Windows and the other in Chrome. These represent a fairly standard exploit chain: code execution in Chrome’s sandboxed renderer process and then a kernel bug to escape the sandbox and gain privileged code execution. There’s a publicly visible patch for the Chrome bug, however there aren’t a lot of details on the Windows kernel bug.
