Google has publicly disclosed a zero-day vulnerability in current versions of Windows operating system before Microsoft has a patch ready. Microsoft has not provided any details as to when the company will roll out a fix for the flaw. If exploited, the flaw can be used to escape the sandbox protection and execute malicious code on the compromised system. Users are advised to update their Flash software now and apply Windows patches as soon as they become available. Google also disclosed a vulnerability in Flash Player to Adobe at the same time as it contacted Microsoft.
Source: https://thehackernews.com/2016/10/google-windows-zero-day.html