Security News > 2020 > December > Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug

Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
2020-12-27 22:17

Google's Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code.

Details of the unpatched flaw were revealed publicly after Microsoft failed to rectify it within 90 days of responsible disclosure on September 24.

Originally tracked as CVE-2020-0986, the flaw concerns an elevation of privilege exploit in the GDI Print / Print Spooler API that was reported to Microsoft by an anonymous user working with Trend Micro's Zero Day Initiative back in late December 2019.

"Splwow64.exe" is a Windows core system binary that allows 32-bit applications to connect with the 64-bit printer spooler service on 64-bit Windows systems.

"The vulnerability still exists, just the exploitation method had to change," Google Project Zero researcher Maddie Stone said in a write-up.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/T75cSA6PMhM/google-discloses-poorly-patched-now.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-0986 Out-of-bounds Write vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-787
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411