Google's Project Zero team, known for discovering security threats, has disclosed a security vulnerability in Windows that affects versions from Windows 7 up to Windows 10 version 1903.
Google said in a post that it has evidence of active exploitation of the disclosed vulnerability, which allows attackers to execute code with elevated privileges.
Notably, the vulnerability, tracked as CVE-2020-17087, was used together with CVE-2020-15999, another actively exploited flaw in the Chrome browser that was revealed last week. Chained together, the two lead to what is known as a sandbox escape: attackers use the two vulnerabilities to execute code on the targeted system by escaping the browser's secure environment, as explained by Catalin Cimpanu of the technology site ZDNet.
The disclosure post also adds that Microsoft will fix this vulnerability in the upcoming Patch Tuesday update on November 10. However, fixes for Windows 7 will only reach users who have subscribed to Extended Security Updates (ESU), so not all users will be able to fix the problem on their Windows 7 systems. Because the vulnerability is actively exploited, the search giant's team gave Microsoft seven days to correct the bug before publicly disclosing it today.
Google has already patched the Chrome vulnerability by releasing the stable version (86.0.4240.1111) of the browser. The Windows vulnerability lies in the Windows Kernel Cryptography Driver (CNG.sys), which the Project Zero team explains in detail in the post. The company has also attached proof-of-concept code to show how the exploit might disrupt the system.
In addition, Shane Huntley, the director of Google's Threat Analysis Group, emphasized that the vulnerability was not related to any government-sponsored attack on the upcoming US elections.