New zero-day bug puts Windows OS at threat, reveals Google - ETCIO.com

New zero-day bug puts Windows OS at threat, reveals Google - ETCIO.com

New zero-day bug puts Windows OS at threat, reveals Google - ETCIO.com

Posted: 31 Oct 2020 01:39 AM PDT

New zero-day bug puts Windows OS at threat, reveals GoogleNew Delhi: A team of Googlesecurity researchers has revealed a zero-day vulnerability in the Microsoft Windows operating system that is under active exploitation.

According to Google project Zero technical lead Ben Hawkes, the zero-day vulnerability is expected to be patched on November 10.

"In addition to last week's Chrome/freetype 0day (CVE-2020-15999), Project Zero also detected and reported the Windows kernel bug (CVE-2020-17087) that was used for a sandbox escape," Hawkes said in a tweet on Friday.

"Currently we expect a patch for this issue to be available on November 10," he added.

November 10 is also the date of Microsoft's next security Patch.

"We have confirmed with the Director of Google's Threat Analysis Group, Shane Huntley that this is targeted exploitation and this is not related to any US election related targeting," Hawkes informed.

The Google Project Zero team notified Microsoft last week and gave the company seven days to patch the bug, reports ZDNet.

The zero-day bug in the Windows kernel can be exploited to elevate an attacker's code with additional permissions.

The vulnerability impacts all Windows versions between Windows 7 and the most recent Windows 10.

Microsoft was yet to comment on the new zero-day bug.

In March last year, Google said that threat actors have also combined a Chrome zero-day with a Windows zero-day vulnerability.

Google also made public the details of a medium-level security flaw in Microsoft Edge browser in 2018. The vulnerability was first discovered in November 2017 by the search giant's Project Zero.
-

Comments

Post a Comment

Popular Posts

Signal, WhatsApp and Telegram: All the major security differences between messaging apps - CNET

Image
Signal, WhatsApp and Telegram: All the major security differences between messaging apps - CNET Signal, WhatsApp and Telegram: All the major security differences between messaging apps - CNET Posted: 19 Feb 2021 04:00 AM PST Brent Lewin/Bloomberg/Getty Images If your choice of encrypted messaging app is a toss-up between Signal , Telegram and WhatsApp , do not waste your time with anything but Signal. This isn't about which has cuter features, more bells and whistles or is most convenient to use -- this is about pure privacy . If that's what you're after, nothing beats Signal. By now you probably already know what happened. On Jan. 7, in a tweet heard 'round the world, tech mogul Elon Musk continued his feud with Facebook by advocating people drop its WhatsApp messenger and use Signal instead. Twitter CEO Jack Dorsey retweeted his call. Around the same time, right-wing social network Parler went dark following the Capito
Read more

WhatsApp beta update seeks to remind everyone why encryption is so vital - iMore

WhatsApp beta update seeks to remind everyone why encryption is so vital - iMore WhatsApp beta update seeks to remind everyone why encryption is so vital - iMore 5 features your next cloud storage provider needs to offer - TechRadar This Week In Security: Pacman, Hetzbleed, And The Death Of Internet Explorer - Hackaday Anonymity Online Is In - The Atlantic What is a Cyberattack? Types and Defenses - eSecurity Planet Best Private Instagram
Read more

VPN browser extensions: Why you shouldn't use then - Tech Advisor

VPN browser extensions: Why you shouldn't use then - Tech Advisor VPN browser extensions: Why you shouldn't use then - Tech Advisor Google Fi calls between Android subscribers will soon be end-to-end encrypted - 9to5Google How to encrypt your computer (and why you should) - Mashable How to encrypt and decrypt a folder on Android with SSE Universal Encryption - TechRepublic 4 ways to send encrypted messages on Android - TechRepublic WhatsApp “end-to-end encrypted” messages aren’t that private after all - Ars Technica ciphertext feedback (CFB) - TechTarget What Is the Windows Encrypting File System (EFS) and How Do You Enable or Disable It? - MUO - MakeUseOf Encrypting your online life is important - Telangana Today Keeper Password Manager Review – Forbes Advisor - Forbes [Update: Screenshot] Google Messages preparing end-to-end encryption for RCS messages - 9to5Google The iOS 15 priva
Read more