Security 1.11.2016

Google discloses actively-exploited Windows vulnerability


Google has disclosed an actively-exploited 0-day Windows vulnerability less than 10 days after notifying the software maker about the flaw.

On 21 October, Google reported the 0-day vulnerability to Adobe and Microsoft.

Adobe updated Flash on 26 October to address CVE-2016-7855. This update is available via Adobe’s updater and Chrome auto-update.

“After 7 days, per our published policy for actively-exploited critical vulnerabilities, we are disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released,” said Google.

“This vulnerability is particularly serious because we know it is being actively exploited.”

The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape.

It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD.

Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.

“We encourage users to verify that auto-updaters have already updated Flash – and to manually update if not – and to apply Windows patches from Microsoft when they become available.”
