Level 13
Malware Tester
Zero-day vulnerabilities in Google Chrome and Microsoft Windows were used to download and install malware onto Windows computers that visited a Korean-language news portal.
A zero-day vulnerability is one that is known, but not patched by the developers in charge of patching the vulnerability. These zero-day vulnerabilities are particularly dangerous as they can be used by state-sponsored attackers to perform malicious activity on vulnerable devices.


Level 85
Content Creator
It was patched already, as mentioned by @upnorth, but even before that, it required a prior infection in order to work.
"The one caveat is that to exploit the flaw, an attacker would need to have previously compromised the system using another vulnerability "
So clean computers were not at risk; only previously infected ones were. It smells like another episode in the series of targeted attacks against South Korean diplomats.