Google discovered an actively exploited security hole in the core of the Windows 7 operating system that allows a hacker to bypass antivirus protections.
All the victim has to do is to click on a link to get compromised.
Google reported that this security hole is a
serious vulnerability in Windows that we know was being actively exploited in targeted attacks
We can only guess what is meant by “actively exploited”. Possibly, there are already victims of ransomware. If the hacker can break into the core of your operating system, that means he has the potential to penetrate ALL except the final layer of your defence (see How many layers of defence do you have against ransomware attacks?).
What can you do?
First, make sure that your Google Chrome web browser is updated to 72.0.3626.121 or later. You will need to restart your web browser.
Next, all Windows 7 machines are vulnerable. Currently, Microsoft is working on a fix to patch this security hole. Until your Windows 7 machine is patched, this is the period of time when you are vulnerable. So, you can only wait and pray at this time.
Google believes that Windows 10 machines are not vulnerable. So, if you don’t want to wait and pray, you may want to upgrade your Windows 7 machine to Windows 10 now.