{"id":185358,"date":"2016-11-01T10:43:46","date_gmt":"2016-11-01T08:43:46","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=185358"},"modified":"2016-11-01T10:44:59","modified_gmt":"2016-11-01T08:44:59","slug":"google-discloses-actively-exploited-windows-vulnerability","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/185358-google-discloses-actively-exploited-windows-vulnerability.html","title":{"rendered":"Google discloses actively-exploited Windows vulnerability"},"content":{"rendered":"

Google has disclosed<\/a><\/strong> an actively-exploited 0-day Windows vulnerability less than 10 days after notifying the software maker about the flaw.<\/p>\n

On 21 October, Google reported the 0-day vulnerability to Adobe and Microsoft.<\/p>\n

Adobe updated Flash on 26 October to address CVE-2016-7855. This update is available via Adobe’s updater and Chrome auto-update.<\/p>\n

\u201cAfter 7 days, per our published policy for actively-exploited critical vulnerabilities, we are disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released,\u201d said Google.<\/p>\n

\u201cThis vulnerability is particularly serious because we know it is being actively exploited.”<\/p>\n

The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape.<\/p>\n

It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD.<\/p>\n

Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.<\/p>\n

\u201cWe encourage users to verify that auto-updaters have already updated Flash – and to manually update if not – and to apply Windows patches from Microsoft when they become available.”<\/p>\n

Now read:\u00a0Root user access on Google Pixel achieved<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"

Google has disclosed an actively-exploited 0-day Windows vulnerability.<\/p>\n","protected":false},"author":23,"featured_media":131398,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[36,167,123],"class_list":["post-185358","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-active","tag-google","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/185358"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=185358"}],"version-history":[{"count":2,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/185358\/revisions"}],"predecessor-version":[{"id":185416,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/185358\/revisions\/185416"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/131398"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=185358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=185358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=185358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}