UPDATE: Microsoft is mad!
Senior Director of Microsoft's Security Response Center has responded to Google releasing details of a vulnerability in Google 8.1. He claims that Google already knew that Microsoft had already planned to fix the vulnerability during patch Tuesday, but released the details as a "gotcha."
Windows 8.1 users beware: An exploit discovered and privately reported to Microsoft 90 days ago is now publicly available. Originally discovered by Google, the company gave Microsoft 90 days to fix the bug.
Microsoft didn't fix the problem, which could allow hackers to remotely execute code onto any computer. There's no defense for this hack as of yet and it's out in the wild.
Remotely executing code lets hackers run and download any kind of programs onto your computer. Malware, ransomware and keyloggers are all executable code that this bug could sneak onto your PC.
Google released the information based on its "Project Zero" policy. Once any bug is discovered, it's announced within 90 days.
While disclosing this dangerous bug within 90 days might seem like Google is punishing Microsoft, it's not like Microsoft can claim that it wasn't warned. The private email that Microsoft received from Google 90 days ago had this to say:
This bug is subject to a 90 day disclosure deadline. If 90 days elapse without a broadly available patch, then the bug report will automatically become visible to the public.
If hackers are willing to jump through a complex series of hoops, then the bug allows them to elevate their "privileges" on a computer.
A user's privilege is basically the amount of "power" they have over your computer.
Microsoft has issued a statement admitting that it's aware of the problem and is working on a fix.