Welcome Guest! You are here: Home » Science & Technology

Google reveals new zero-day vulnerability in MS Windows

The zero-day vulnerability is expected to be patched on November 10

Saturday October 31, 2020 11:26 AM, IANS

Zero day attack

New Delhi: A team of Google security researchers has revealed a zero-day vulnerability in the Microsoft Windows operating system that is under active exploitation.

According to Google project Zero technical lead Ben Hawkes, the zero-day vulnerability is expected to be patched on November 10.

"In addition to last week's Chrome/freetype 0day (CVE-2020-15999), Project Zero also detected and reported the Windows kernel bug (CVE-2020-17087) that was used for a sandbox escape," Hawkes said in a tweet on Friday.

"Currently we expect a patch for this issue to be available on November 10," he added.

Also Read

November 10 is also the date of Microsoft's next security Patch.

"We have confirmed with the Director of Google's Threat Analysis Group, Shane Huntley that this is targeted exploitation and this is not related to any US election related targeting," Hawkes informed.

The Google Project Zero team notified Microsoft last week and gave the company seven days to patch the bug, reports ZDNet.

Zero-day vulnerability impact

The zero-day bug in the Windows kernel can be exploited to elevate an attacker's code with additional permissions.

The vulnerability impacts all Windows versions between Windows 7 and the most recent Windows 10.

Microsoft was yet to comment on the new zero-day bug.

In March last year, Google said that threat actors have also combined a Chrome zero-day with a Windows zero-day vulnerability.

Google also made public the details of a medium-level security flaw in Microsoft Edge browser in 2018. The vulnerability was first discovered in November 2017 by the search giant's Project Zero.

For all the latest News, Opinions and Views, download ummid.com App.

Select Language To Read in Urdu, Hindi, Marathi or Arabic.

Share this page

 Post Comments
Note: By posting your comments here you agree to the terms and conditions of www.ummid.com