Google has disclosed a zero-day vulnerability in the Windows kernel that is currently being exploited in the wild by black hats. The disclosure came after Microsoft failed to release a patch within Google's 7-day deadline.

CVE-2016-7855 is a local privilege escalation vulnerability in the Windows kernel that can be used as a security sandbox escape.

“[The vulnerability] can be triggered via win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability”, Google wrote in a blog post by Neel Mehta and Billy Leonard on Oct 31, 2016.

The blog post also notes that Google reported a zero-day flaw (CVE-2016-7855) in Flash Player to Adobe at the same time it contacted Microsoft. Adobe, however, released an emergency patch for its software.

The Flash Player bug was also being exploited in targeted attacks against a wide range of organizations. According to Adobe, the flaw affected Windows 7, 8.1, Server 2012, Server 2012 R2 and 10 systems.

In response to the Google blog post, Microsoft said Google’s disclosure has potentially placed customers at risk, adding that the company believes in coordinated vulnerability disclosure. Microsoft also said that all supported Windows platforms are vulnerable to this attack and recommended that users run Windows 10 and Microsoft Edge for the best protection from this vulnerability. Microsoft is nonetheless working on an update and has promised to release it on the coming Patch Tuesday (i.e. Nov 8, 2016).

The search giant says it can protect Windows 10 users through the Google Chrome update that rolled out on Nov 1, 2016. The blog post restates the description quoted above: the Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape, reachable through the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD, and Chrome’s sandbox on Windows 10 blocks win32k.sys system calls using the win32k lockdown mitigation, which prevents this sandbox escape from being exploited.
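As an added defender-side check, not code from this post or from Google or Microsoft: a PowerShell function that reports whether running processes have the win32k lockdown mitigation (ProcessSystemCallDisablePolicy) enabled, the mitigation the post credits with blocking this sandbox escape in Chrome on Windows 10. It assumes Windows 8 or later and a caller allowed to open the target processes; the function name and the 'chrome' default are my own choices.

```powershell
# Added example, not code from the post or from Google/Microsoft: list running processes
# and whether the win32k lockdown mitigation (ProcessSystemCallDisablePolicy) is enabled.
# Assumes Windows 8 or later; processes the caller cannot open are reported as "n/a".
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
public static class ProcMitigation {
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern IntPtr OpenProcess(uint desiredAccess, bool inheritHandle, int pid);
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool GetProcessMitigationPolicy(IntPtr hProcess, int policy,
                                                         out uint buffer, IntPtr length);
    [DllImport("kernel32.dll")]
    public static extern bool CloseHandle(IntPtr handle);
}
'@

function Get-Win32kLockdownState {
    param([string]$ProcessName = 'chrome')   # image name without .exe (assumed default)
    $PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
    $ProcessSystemCallDisablePolicy    = 4   # PROCESS_MITIGATION_POLICY enum value
    foreach ($p in Get-Process -Name $ProcessName -ErrorAction SilentlyContinue) {
        $h = [ProcMitigation]::OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, $false, $p.Id)
        $state = 'n/a'
        if ($h -ne [IntPtr]::Zero) {
            $flags = [uint32]0
            # PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY is a 4-byte union;
            # bit 0 is DisallowWin32kSystemCalls.
            if ([ProcMitigation]::GetProcessMitigationPolicy($h, $ProcessSystemCallDisablePolicy,
                                                              [ref]$flags, [IntPtr]4)) {
                $state = if ($flags -band 1) { 'enabled' } else { 'disabled' }
            }
            [void][ProcMitigation]::CloseHandle($h)
        }
        [pscustomobject]@{ Pid = $p.Id; Name = $p.ProcessName; Win32kLockdown = $state }
    }
}

Get-Win32kLockdownState -ProcessName 'chrome' | Format-Table -AutoSize
```

With the mitigation in place, Chrome's sandboxed renderer processes should report enabled while the browser (broker) process reports disabled, since the broker still needs win32k.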

We recommend that all Windows users install the latest Google Chrome and Adobe Flash Player patches to have the best protection from this vulnerability.

SecPod Saner detects these vulnerabilities and automatically fixes them by applying important and critical security updates. Download Saner now and keep your systems updated and secure.
