Welcome Stranger to OCC!Login | Register

Google Reveals Windows Exploit Before Microsoft Issues Patch to Fix It

Category: Operating Systems
Posted: 03:32PM

Google has revealed a critical security exploit that impacts Windows systems, ten days after informing Microsoft of the exploit. However, Microsoft has not yet issued a patch for the vulnerability which is described as "a local privilege escalation in the Windows kernel that can be used as a security sandbox escape." The vulnerability is being actively exploited which "means attackers have already written code for this specific security hole and are using it to break into Windows systems." Microsoft is not happy that Google revealed the exploit before it had a chance to fix it, with a spokesperson stating "We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk." Executive VP of the Windows and Devices group Terry Myerson added that the vulnerability doesn't impact Windows 10 Anniversary Update users and that a fix is expected on November 8.

Source: Venture Beat

Register as a member to subscribe comments.
Randxalthor on November 02, 2016 15:42
This is only news because Microsoft is trying to shift blame to Google. It has been Google's standard procedure to disclose vulnerabilities that already have active exploits in the wild 7 days after disclosing to the vendor. It's the ethical thing to do, as everyone is already at risk, and it lets security companies everywhere know to start compensating for the vulnerability until it is patched.

© 2001-2018 Overclockers Club ® Privacy Policy
Elapsed: 0.1783530712   (xlweb1)