An Interest In:
Web News this Week
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
- April 11, 2024
- April 10, 2024
Some of Our Sources
- Slashdot
- BoingBoing
- Techcrunch
- Spoon Graphics
- Six Revisions
- Naldz Graphics
- My Ink Blog
- CSS Tricks
- Design Modo
- Android Dissected
Help Webnuz
Referal links:
October 31, 2016 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/XbbrJGKHKrs/google-discloses-exploited-windows-vulnerability-10-days-after-telling-microsoft
Google Discloses Exploited Windows Vulnerability 10 Days After Telling Microsoft
An anonymous reader writes: Google today shared details about a security flaw in Windows, just 10 days after disclosing it to Microsoft on October 21. To make matters worse, Google says it is aware that this critical Windows vulnerability is being actively exploited in the wild. That means attackers have already written code for this specific security hole and are using it to break into Windows systems.In a blog post, security researchers at Google write, "The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/XbbrJGKHKrs/google-discloses-exploited-windows-vulnerability-10-days-after-telling-microsoft
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot