Breaking News

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort MSI Expands NVIDIA RTX PRO Server Lineup CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Google Discloses Unpatched Windows 7 Vulnerability

Google Discloses Unpatched Windows 7 Vulnerability

PC components Mar 8,2019 0

Google's Threat Analysis Group on February 27th, reported a 0-day vulnerability n Microsoft Windows 7 OS, which Microsoft has not yet corrected.

According to Google, "the vulnerability is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape. The vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver() system call is called under specific circumstances."

Google believes this vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows. To date, Google's security researchers have only observed active exploitation against Windows 7 32-bit systems.

Google says it notified Microsoft about the issue, but since several days have passed and Microsoft says it is still "working on a fix," Google publicly disclosed it yesteday.

"..it is a serious vulnerability in Windows that we know was being actively exploited in targeted attacks. The unpatched Windows vulnerability can still be used to elevate privileges or combined with another browser vulnerability to evade security sandboxes, "Google said.

As mitigation advice for this vulnerability users should consider upgrading to Windows 10 if they are still running an older version of Windows, and to apply Windows patches from Microsoft when they become available.

The same vulnerability also affected Google Chrome, but Google says it released an update for all Chrome platforms on March 1.

Tags: bugsWindows 7Security
Previous Post
Businesses Continue to Pay Google in Order to Keep Their Brands Online
Next Post
Latest Windows 10 Update May Decrease PC Gaming Performance

Related Posts

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • Samsung Develops New Security Chip For Mobile Devices

  • Samsung Says Your Galaxy S20’s Secure Processor Protects it Against Hardware Attacks

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

  • Apple Says 'No Evidence' iPhone Mail Bug Used Against Consumers

  • Apple to Patch Serious iOS Vulnerability

  • AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

Latest News

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD
Consumer Electronics

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD

be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO
Cooling Systems

be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO

xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort
Consumer Electronics

xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort

MSI Expands NVIDIA RTX PRO Server Lineup
Enterprise & IT

MSI Expands NVIDIA RTX PRO Server Lineup

CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen
Consumer Electronics

CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed