21 C
Jaipur
Friday, November 27, 2020

Google has a Chrome zero-day warning for Windows users

Must read

How To Earn Money Via Google Task Mate In India [Get Referral Code]

Google has recently launched a new app called Task Mate that lets users earn money by completing simple tasks such as taking pictures or...

How To Perform Quick “Chrome Actions” From Chrome’s Address Bar?

If you use Google Chrome regularly, you know that a lot can be done or fixed in the Google Chrome settings. However, more often...

Indian Government Caps Fee and Surge Pricing of Ride-Hailing Apps like Uber and Ola

The Ministry of Road Transport and Highways has issued new guidelines for ride-hailing companies such as Uber and Ola that allow aggregators to charge...

How to Install and Setup Let’s Encrypt (Certbot) on Linux

Getting an HTTPS certificate for your website is not anymore an optional choice. If you are a website developer, you might know that Google...

Google has revealed a zero-day vulnerability affecting Windows 7,8 and 10 users which Microsoft is yet to fix. Microsoft is expected to fix the issue on November 10 and it is highly advisable that Window users update their PCs immediately. As per Ben Hawkes, Google’s Project Zero team lead, this Windows zero-day– CVE-2020-17087–is used to launch a combined attack along with a Chrome zero-day identified as CVE-2020-15999. The Chrome zero-day is said to be patched already but the Windows one is still live.

“Currently we expect a patch for this issue to be available on November 10. We have confirmed with the Director of Google’s Threat Analysis Group, Shane Huntley that this is targeted exploitation and this is not related to any US election related targeting,” tweeted Hawkes.
Google had notified Microsoft about the vulnerability last week and gave Microsoft 7 days time to fix the issue. As Microsoft did not fix it in the allotted, Google has revealed the details of the bug publicly.
Google has provided the source code of a proof-of-concept program. “It was tested on an up-to-date build of Windows 10 1903 (64-bit), but the vulnerability is believed to be present since at least Windows 7. A crash is easiest to reproduce with Special Pools enabled for cng.sys, but even in the default configuration the corruption of 64kB of kernel data will almost surely crash the system shortly after running the exploit,” said Google in its report.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How To Earn Money Via Google Task Mate In India [Get Referral Code]

Google has recently launched a new app called Task Mate that lets users earn money by completing simple tasks such as taking pictures or...

How To Perform Quick “Chrome Actions” From Chrome’s Address Bar?

If you use Google Chrome regularly, you know that a lot can be done or fixed in the Google Chrome settings. However, more often...

Indian Government Caps Fee and Surge Pricing of Ride-Hailing Apps like Uber and Ola

The Ministry of Road Transport and Highways has issued new guidelines for ride-hailing companies such as Uber and Ola that allow aggregators to charge...

How to Install and Setup Let’s Encrypt (Certbot) on Linux

Getting an HTTPS certificate for your website is not anymore an optional choice. If you are a website developer, you might know that Google...

India Wearables Shipments Hit Record High in Q3 Amidst Falling Prices, Increased Options

Shipments of smart wearables in India reportedly jumped 165% in the July-September quarter thanks to an increased emphasis on remote work and rising health...