
Google discloses ‘high-severity’ exploit in Windows 10 before it’s patched



Google reveals unpatched security vulnerability in Microsoft’s Edge browser

Google’s Project Zero team of security researchers disclosed a “high-severity” vulnerability it found in Microsoft’s Edge browser after the company failed to patch it within the allotted time of 90 days. The vulnerability can allow an attacker to gain administrator privileges if exploited.

For those unfamiliar, Project Zero is a team of security analysts employed by Google to find zero-day vulnerabilities before they are found and exploited by malicious people. After finding a vulnerability and disclosing it to the relevant company, Google gives that company 90 days to fix the issue. However, if the company fails to issue a patch within the specified time period, the Project Zero team discloses the vulnerability to the public so that users can protect themselves by taking necessary steps.

This most recent vulnerability was identified by James Forshaw, a Google Project Zero researcher, who disclosed it to Microsoft on November 10 as part of a separate security issue with Windows 10. Apparently, there are actually two bugs in this vulnerability, named 1427 and 1428. Microsoft addressed bug 1427 with its February Patch Tuesday release earlier this month, as it found it to be more critical. However, it chose to leave the other bug, 1428, untouched, as it says it’s not a critical vulnerability.

According to the Project Zero technical report, the vulnerability has been tested on Windows 10 Fall Creators Update (version 1709). In this case, the Windows 10 vulnerability is in the SvcMoveFileInheritSecurity remote procedure call (RPC). Forshaw also attached proof-of-concept code in C++ which creates an arbitrary file in the Windows folder and exploits the SvcMoveFileInheritSecurity RPC to overwrite the security descriptor to get control of a system.



Currently, the issue has been listed as “high-severity” by Google because of its ease of exploitation. However, since the latest elevation of privilege flaw in Windows 10 cannot be exploited remotely or in browsers that run in a sandbox, Microsoft has categorized it as “important” rather than “critical.” Forshaw points out that the flaw only affects Windows 10 and he hasn’t verified whether it works on earlier versions, like Windows 7 or 8.1.

When Neowin contacted Microsoft for clarification regarding the security flaw, they responded by saying, “Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible.”

Only last week, Google’s Project Zero had revealed a Windows 10 exploit mitigation [Arbitrary Code Guard (ACG)] bypass to the public that Microsoft couldn’t fix in time. Microsoft had confirmed the ACG bypass and said it would fix the issue in February’s Patch Tuesday release. However, it was forced to skip the February Patch Tuesday release, as the issue was found to be “more complex” than initially thought. The Redmond giant is now aiming to release the fix on Patch Tuesday in March.

Source: Neowin

Kavita Iyer
