Google reveals actively exploited Windows vulnerability

Andre Yoskowitz
31 Oct 2016 23:19

Google has revealed details of a 0-day vulnerability in the Windows operating system that it claims is being currently exploited.
The search giant disclosed the flaw to Microsoft just 10 days ago, but Microsoft has not yet released a patch or even an advisory.

Reads Google's post:

"The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.

Microsoft was not happy with the release of the details before any patch: "We believe in coordinated vulnerability disclosure, and today's disclosure by Google puts customers at potential risk. Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection."

Source:
VB

11/01/2024 6:45

Winamp ends its "open source" project that wasn't really open source

10/20/2024 11:12

Winamp released its source code - but didn't go open source

09/25/2024 12:38

Does your phone rattle? Here's why it happens

08/25/2024 8:30

Google reveals actively exploited Windows vulnerability

More from us

Tags