Google Warns Of Windows Zero-Day Under AttackGoogle Warns Of Windows Zero-Day Under Attack
'Critical' vulnerability found by Google has yet to be announced or fixed by Microsoft.
November 1, 2016
Google researchers today disclosed that they had found and reported to Microsoft a critical vulnerability in Windows that Microsoft has not yet fixed - and is being used by attackers in the wild.
This Halloween Day revelation by Google threat analysis group members Neel Mehta and Billy Leonard falls under Google's policy for reporting active exploits of critical vulnerabilities. Google says it first reported the bug to Microsoft on October 21.
"After 7 days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released. This vulnerability is particularly serious because we know it is being actively exploited," the Google team said in a post today.
The Windows vulnerability is a local privilege-escalation flaw in the Windows kernel that can be used to bypass a security sandbox. "It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability," the Google team wrote.
"We encourage users to verify that auto-updaters have already updated Flash — and to manually update if not — and to apply Windows patches from Microsoft when they become available for the Windows vulnerability."
About the Author(s)
You May Also Like
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023