Security News > 2020 > December > Google: Microsoft Improperly Patched Exploited Windows Vulnerability
Google Project Zero has disclosed a Windows zero-day vulnerability caused by the improper fix for CVE-2020-0986, a security flaw abused in a campaign dubbed Operation PowerFall.
Tracked as CVE-2020-17008, the new vulnerability was reported to Microsoft on September 24.
Disclosed in May 2020, CVE-2020-0986 was initially reported to Microsoft in December 2019 and a patch was released in June 2020.
Attacks targeting the vulnerability were observed within days after disclosure.
Exe, CVE-2020-17008 can be abused by simply changing the exploitation method for CVE-2020-0986, an arbitrary pointer dereference flaw affecting the GDI Print/Print Spooler API. Google Project Zero researcher Maddie Stone explains that CVE-2020-17008 is actually nearly identical to CVE-2020-0986, the only difference being that "For CVE-2020-0986 the attacker sent a pointer and now the attacker sends an offset."
News URL
Related news
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft Bing shows misleading Google-like page for 'Google' searches (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains (source)
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |