Microsoft has fixed more than 100 security holes in its latest bundle of security patches. The latest patch fixes a zero-day vulnerability that has been exploited in active attacks against Windows 7 and Windows 10 users. The vulnerability, which allows local privilege escalation and sandbox escape, was made public by Googles Project Zero team at the end of last month. Microsoft was informed of the security hole just seven days after it was discovered by security researchers. It was being exploited in co-ordination with a Google Chrome flaw (itself patched)”]
Source: https://grahamcluley.com/windows-patch-zero-day-google/