Google Reveals Un-patched Windows Kernel Vulnerability

Source: Google

Today (Oct 31, 2016), Google revealed a security flaw in the Windows kernel that they claim to be “actively exploited”. Google has a policy to make public vulnerabilities that are actively exploited within seven days of alerting the developer (Microsoft).

The vulnerability allows the attacker to “escape a security sandbox” by using local privilege escalation. Google recommends that users update Flash player, Chrome and apply all updates for Windows as soon as they are available.

Tom’s Hardware claims that Chrome is safe under Windows 10 due to “Win32k lockdown mitigation”, however, Windows updates should still be applied regularly.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *