No bug fix before November 10th.
Google is now warning of a Windows hole that is being actively exploited by hackers.
Two-step attack opens Windows for dangerous attacks
There are no bug fixes from Microsoft yet, it is not expected until November 10 (at least the Chrome bug), so so far the hole is still possible to abuse.
There are two holes discovered, one in Windows (CVE-2020-17087) and another hole that can be used in combination with the former and found in Chrome (CVE-2020-15999).
It is not yet known who has exploited the holes
The Chrome hole allows code to run inside Chrome, while the Windows bug is the second part and allows hackers to break away from Chrome's security stacks and run code in Windows.
Google notified Microsoft next week and gave them seven days. Microsoft failed to resolve the issue, so google published the details.