Date:03/11/20
A critical vulnerability has been discovered in Windows that is being used to compromise computers. This was reported on the Google Project Zero website.
Experts said that the bug refers to zero-day vulnerabilities, that is, to malicious systems against which protective mechanisms have not yet been developed. With the help of a bug, hackers can elevate the privileges of certain processes in the system to break it. The experts said that the cracking occurs through interaction with the Windows Kernel Cryptography Driver function, which causes a buffer overflow.
A study by Google Project Zero says that the new vulnerability is used together with the CVE-2020-15999 vulnerability in the Chrome browser, which experts discovered a few days ago. Using a system flaw, hackers are able to run malicious code inside the browser.
Google experts concluded that the zero-day vulnerability found is already being exploited by cybercriminals. Hacking with its help was organized on the latest version of Windows 10, but the exploit was also launched on older versions of the OS, in particular, Windows 7.
In July, cybersecurity experts talked about the oldest vulnerability that has allowed compromising Windows servers for 17 years. The problem affected Windows Server operating systems from 2003-2019. Experts rated it 10 out of 10 on the CVSS vulnerability scale.
Critical vulnerability found in Windows
A critical vulnerability has been discovered in Windows that is being used to compromise computers. This was reported on the Google Project Zero website.Experts said that the bug refers to zero-day vulnerabilities, that is, to malicious systems against which protective mechanisms have not yet been developed. With the help of a bug, hackers can elevate the privileges of certain processes in the system to break it. The experts said that the cracking occurs through interaction with the Windows Kernel Cryptography Driver function, which causes a buffer overflow.
A study by Google Project Zero says that the new vulnerability is used together with the CVE-2020-15999 vulnerability in the Chrome browser, which experts discovered a few days ago. Using a system flaw, hackers are able to run malicious code inside the browser.
Google experts concluded that the zero-day vulnerability found is already being exploited by cybercriminals. Hacking with its help was organized on the latest version of Windows 10, but the exploit was also launched on older versions of the OS, in particular, Windows 7.
In July, cybersecurity experts talked about the oldest vulnerability that has allowed compromising Windows servers for 17 years. The problem affected Windows Server operating systems from 2003-2019. Experts rated it 10 out of 10 on the CVSS vulnerability scale.
Views: 246
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
