WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild #Cybersecurity - The Entrepreneurial Way with A.I.


Monday, November 2, 2020


Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild.

The elevation of privilege (EoP) vulnerability, tracked as CVE-2020-17087, is a buffer overflow in the Windows Kernel Cryptography Driver ("cng.sys") that has been present since at least Windows 7 and can be exploited for a sandbox escape.

"The bug resides in the cng!CfgAdtpFormatPropertyBlock function and is caused by a 16-bit integer truncation issue," Google's Project Zero researchers Mateusz Jurczyk and Sergei Glazunov noted in their technical write-up.
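To make the bug class named in the write-up concrete, the following C is an added, constructed illustration of a 16-bit size truncation beside its hardened form; it is not code from cng.sys or Project Zero, and the 2*len+1 size formula is an assumption chosen for the example, not the driver's real computation.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration of the bug class: the needed output size is
 * derived from a caller-controlled length but stored in a 16-bit field.
 * The 2*len+1 formula is an assumption, not the driver's real computation. */
unsigned short hex_size_truncated(size_t len)
{
    return (unsigned short)(len * 2 + 1); /* silently wraps at 65536 */
}
/* Hardened version: compute in size_t, then refuse any result that does
 * not fit the 16-bit field instead of truncating it. */
bool hex_size_checked(size_t len, unsigned short *out)
{
    if (len > (SIZE_MAX - 1) / 2)
        return false;             /* len * 2 + 1 would overflow size_t */
    size_t need = len * 2 + 1;
    if (need > USHRT_MAX)
        return false;             /* would not fit the 16-bit size */
    *out = (unsigned short)need;
    return true;
}
/* Bytes by which a full len*2+1 write exceeds a buffer allocated with the
 * truncated size; zero means the two sizes agree. */
size_t overrun_bytes(size_t len)
{
    size_t need = len * 2 + 1;
    size_t allocated = hex_size_truncated(len);
    return need > allocated ? need - allocated : 0;
}
/* Hex-formats the input into a buffer sized with the checked computation;
 * returns NULL rather than allocate an undersized buffer. Caller frees. */
char *hex_format(const unsigned char *in, size_t len)
{
    unsigned short need;
    if (!hex_size_checked(len, &need))
        return NULL;
    char *buf = malloc(need);
    if (buf == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++)
        snprintf(buf + 2 * i, 3, "%02x", in[i]);
    buf[need - 1] = '\0';
    return buf;
}
```

With a 40000-byte input the truncated size is 14465 while the writer still emits 80001 bytes, which is the kind of mismatch the checked computation rejects up front.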

The security team made the details public after a seven-day disclosure deadline because of evidence that the flaw is under active exploitation.

Project Zero has shared a proof-of-concept exploit (PoC) that can be used to corrupt kernel data and crash vulnerable Windows devices even under default system configurations.

What's notable is that the exploit chain requires linking CVE-2020-17087 with another Chrome browser zero-day (CVE-2020-15999) that was fixed by Google last week.

The Chrome zero-day is a heap buffer overflow in the FreeType font library that lets an attacker run malicious code inside the browser; the newly revealed Windows zero-day then makes it possible to break out of Chrome's sandbox protections and run that code on Windows — a sandbox escape.

Stating that the exploitation is "not related to any US election-related targeting," Project Zero's Ben Hawkes said a patch for the flaw is expected to be released by Microsoft on November 10.

Hawkes also defended the practice of disclosing zero-days within a week of them being actively exploited.

"We think there's defensive utility to sharing these details, and that opportunistic attacks using these details between now and the patch being released is reasonably unlikely (so far it's been used as part of an exploit chain, and the entry-point attack is fixed)," he said.

"The short deadline for in-the-wild exploit also tries to incentivize out-of-band patches or other mitigations being developed/shared with urgency. Those improvements you might expect to see over a longer term period," Hawkes added.




via https://www.AiUpNow.com

November 2, 2020 at 04:44AM by noreply@blogger.com (Ravie Lakshmanan), Khareem Sudlow