It looks like Microsoft is getting ready to be hammered once again by Google, with Tavis Ormandy, a security researcher at Google, tweeting that Windows has a “crazy bad” vulnerability which can be executed automatically remotely.
.@natashenka Attack works against a default install, don't need to be on the same LAN, and it's wormable. ?
— Tavis Ormandy (@taviso) May 6, 2017
Some commentators have suggested announcing the vulnerability publicly on twitter has been irresponsible, as knowledge of the presence of the bug would focus black hat security researchers on re-discovering the hole themselves.
Over the last year, Google has in addition released information on a number of Windows bugs before Microsoft had a patch ready, and a vulnerability which can automatically spread from PC to PC without user intervention would be particularly serious.
Hopefully, Google will be more responsible in their disclosure of this newly discovered bug, with standard practice giving Microsoft 3 months to fix it before releasing information.