Google and Microsoft have never had the best of relationships. In addition to being bitter rivals in the realm of web browsers, Google previously disclosed a major Windows flaw before Microsoft was ready to release a patch for it - a decision Microsoft was less than pleased with.
Indeed, Google's move irked Microsoft so much that Windows Executive VP Terry Myerson opted to publish a blog post criticizing the search giant for their approach to the disclosure of security vulnerabilities.
Now it seems Microsoft may have one more reason to be angry. Google's vulnerability-finding Project Zero program – perhaps best known for the recent disclosure of major Spectre and Meltdown CPU hardware flaws – has found yet another bug in Microsoft's software, this time within Microsoft Edge.
The vulnerability reportedly relates to how Edge handles code execution and was first disclosed to Microsoft by Google back in November. After giving the software giant 90 days to fix the issue, Project Zero researchers have gone public with their findings.
...hackers are able to bypass Microsoft Edge's existing security measures to inject malicious code into a victim's PC memory...
Though the specifics of the discovery are complicated and quite technical, the gist is hackers are able to bypass Microsoft Edge's existing security measures to inject malicious code into a victim's PC memory, according to Neowin. With this in mind, it's not hard to see why Project Zero awarded the flaw a "Medium" severity rating.
As of writing, Microsoft has not rolled out a fix for the vulnerability so security conscious users may wish to use an alternate browser for the time being.