Security News > 2016 > November > Google warns of actively exploited Windows zero-day (Help Net Security)
2016-11-01 15:14
Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7855) that is being actively exploited in the wild. According to Neel Mehta and Billy Leonard, of the Google Threat Analysis Group, it’s a local privilege escalation in the Windows kernel that can be used as a security sandbox escape, and can be triggered “via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/P7gOorNs5_s/
Related news
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- Windows "inetpub" security fix can be abused to block future updates (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-01 | CVE-2016-7855 | Use After Free vulnerability in multiple products Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016. | 8.8 |