Google disclosed Microsoft’s windows zero-day vulnerability. Microsoft doesn’t seem happy about it. Reports are the vulnerability is used by Russian hackers. When the fix will be available? Read More…
Google publicly disclosed Microsoft Windows zero-day vulnerability after Microsoft failed to patch it within the 7-day deadline given by the tech giant when it found the flaw that is in the wild.
Google researchers recently discovered a critical zero-day flaw in Windows that its kernel is compromised by a ‘local privilege escalation’ vulnerability that allows attackers to bypass the sandbox mechanism of Microsoft Windows to gain administrator-level access and execute malicious code.
Google said in its blog post on Monday, “[The Windows vulnerability] can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.”
Windows zero-day exploit isn’t fixed yet!
