Microsoft fumes at Google flaw leak

05 January 2011


Didn't give us time to fix it
Software giant Microsoft is fuming after Google told the world plus dog about a flaw in its Internet Exploder browser before it had the chance to fix it.

The zero-day vulnerability is based on how the browser handles CSS and was discovered by cross_fuzz, a browser fuzzing tool created by a Google researcher. Google claimed that it went public with the IE flaw because it believed Chinese researchers had also recently discovered the same vulnerability.

Jerry Bryant, manager of response communications for Microsoft's Trustworthy Computing group, confirmed that Google provided Redmond with a copy of the fuzzing tool back in July 2010. However, it didn't find any problems with IE at the time. Bryant said that on December 21, a new version of the tool was reported to Microsoft along with information about a potentially exploitable crash found by the new version.

Redmond worked to reproduce the issue with the updated and original tool and is currently investigating it further to determine if it is actually exploitable. Google claims that is not true, as there were few substantial differences between the July and December fuzzer variants. Microsoft argues that Google has increased the risk to IE users, since cyber criminals will find a way to exploit the flaw before a patch can be thoroughly tested and widely distributed.