Unpatched Windows Zero-Day Exploited in the Wild for Sandbox Escape (Security News, November 2020)

A high-severity Windows driver bug is being exploited in the wild as a zero-day.
The security vulnerability was disclosed by Google Project Zero just seven days after it was reported, since cybercriminals are already exploiting it, according to researchers.
"The bug resides in the cng!CfgAdtpFormatPropertyBlock function and is caused by a 16-bit integer truncation issue," the Project Zero team explained.
It worked on an up-to-date build of Windows 10 1903, but researchers said that the bug appears to affect Windows versions going back to Windows 7.
Another Project Zero team member noted that Microsoft is expected to fix the bug on its next Patch Tuesday update, on Nov. 10.
News URL
https://threatpost.com/unpatched-windows-zero-day-exploited-sandbox-escape/160828/