Windows kernel zero-day vulnerability used in targeted attacks

Project Zero, Google's 0day bug-hunting team, today disclosed a zero-day elevation of privileges (EoP) vulnerability found in the Windows kernel and actively exploited in targeted attacks. The flaw is a pool-based buffer overflow that exists in the Windows Kernel Cryptography Driver (cng.sys) and it is currently tracked as CVE-2020-17087. Proof of concept exploit available. The …

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer. Two Microsoft vulnerabilities are under active attack, according to the software giant’s August Patch Tuesday Security Updates. Patches are available for the flaws, bringing this month’s total number of vulnerabilities to 120. …

Getting to the Root: How Researchers Identify Zero-Days in the Wild

Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it. When a zero-day vulnerability is exploited in the wild, it's essential to identify the bug at the root of the attack. This "root cause analysis" informs researchers how an attack unfolded. "We care …