After Apple, Google targets Microsoft by revealing a zero-day bug in Windows OS

Looks like Google’s Threat Analysis Group is on a roll these days. The particular division not only revealed Apple’s macOS exploit recently but found a bug in the company’s own Chrome browser. Now, it has revealed a new bug that is present in Microsoft Windows OS.
The newest zero-date vulnerability found by Google is said to be on Windows 7 only for now. “It is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape. The vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndexwhen NtUserMNDragOver() system call is called under specific circumstances,” says Clement Lecigne, Threat Analysis Group in the Google Security blog post.
Lecigne adds that the “vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows.”
Till date, the company has found active exploitation against Windows 7 32-bit systems.