Google and Microsoft are butting heads over the disclosure of vulnerabilities. On Monday, Google revealed a critical flaw in Windows after it gave Microsoft a ten-day window to warn the public about it.Google posted about the zero-day vulnerability on its security blog, saying Microsoft had yet to publish a fix or issue an advisory about the software flaw."This vulnerability is particularly serious because we know it is being actively exploited," Google said. It lets hackers exploit a bug in the Windows kernel, via a win32k.sys system call, to bypass the security sandbox.The search giant originally told Microsoft about the problem 10 days ago, on Oct. 21. It waited to say anything about it publicly so Microsoft could fix the problem first. But Google has a strict policy of giving vendors only seven days to either publish a patch or issue a warning about a flaw."Seven days is an aggressive timeline and may be too short for some vendors to update their products," Google said in a blog post in 2013. "But it should be enough time to publish advice about possible mitigations."