Quite sure I reported this JS vulnerability to Google in of December 2022. I also detailed it in a report to SEC. And I kept reporting the issue to Google teams, to which they responded for me to "check their privacy and security docs." See also <a href="https://news.ycombinator.com/threads?id=burna_aws_acct" rel="nofollow">https://news.ycombinator.com/threads?id=burna_aws_acct</a>, where I commented about it on HackerNews.<p>But yea, give credit to Clement Lecigne of Google's Threat Analysis Group (TAG), Google's own team. This isn't the first time they've done this either.<p>Just lost even more respect for that entire operation at Google. So whack.<p>Off to make another HN account, since I just burned this one...
no amount of prompt zero day mitigation will correct the problem of denying updates, to users that refuse to install an insecure operating system.<p>a webbrowser has no business demanding w11 installs, in exchange for updates.