Security News > 2020 > November > WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild
Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild.
The elevation of privileges vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver that can be exploited for a sandbox escape.
Project Zero has shared a proof-of-concept exploit that can be used to corrupt kernel data and crash vulnerable Windows devices even under default system configurations.
What's notable is that the exploit chain requires linking CVE-2020-17087 with another Chrome browser zero-day that was fixed by Google last week.
The Chrome zero-day involves a heap buffer overflow in the Freetype font library to run malicious code in the browser, but the newly revealed Windows zero-day makes it possible for an attacker to break out of Chrome's sandbox protections and run the code on Windows - also called a sandbox escape.
News URL
Related news
- Google: Spyware vendors behind 50% of zero-days exploited in 2023 (source)
- Miscreants are exploiting enterprise tech zero days more and more, Google warns (source)
- Google fixes Chrome zero-days exploited at Pwn2Own 2024 (source)
- Zero-day exploitation surged in 2023, Google finds (source)
- Google fixes two Pixel zero-day flaws exploited by forensics firms (source)
- Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (source)
- Google fixes one more Chrome zero-day exploited at Pwn2Own (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Telegram fixes Windows app zero-day caused by file extension typo (source)
- Telegram fixes Windows app zero-day used to launch Python scripts (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17087 | Incorrect Calculation of Buffer Size vulnerability in Microsoft products Windows Kernel Local Elevation of Privilege Vulnerability | 7.8 |