Security News > 2020 > December > Google: Microsoft Improperly Patched Exploited Windows Vulnerability

Google: Microsoft Improperly Patched Exploited Windows Vulnerability
2020-12-28 13:15

Google Project Zero has disclosed a Windows zero-day vulnerability caused by the improper fix for CVE-2020-0986, a security flaw abused in a campaign dubbed Operation PowerFall.

Tracked as CVE-2020-17008, the new vulnerability was reported to Microsoft on September 24.

Disclosed in May 2020, CVE-2020-0986 was initially reported to Microsoft in December 2019 and a patch was released in June 2020.

Attacks targeting the vulnerability were observed within days after disclosure.

Exe, CVE-2020-17008 can be abused by simply changing the exploitation method for CVE-2020-0986, an arbitrary pointer dereference flaw affecting the GDI Print/Print Spooler API. Google Project Zero researcher Maddie Stone explains that CVE-2020-17008 is actually nearly identical to CVE-2020-0986, the only difference being that "For CVE-2020-0986 the attacker sent a pointer and now the attacker sends an offset."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/GB7PMJpfUxg/google-microsoft-improperly-patched-exploited-windows-vulnerability

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-0986 Out-of-bounds Write vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-787
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 708 787 4587 4647 3639 13660