Google’s bug-hunting team has exposed a serious exploit in Windows 10. A member Project Zero, a group of security analysts that searches for zero-day vulnerabilities, disclosed its existence on Twitter on Monday (8th May). A Google researcher described the security flaw as “crazy bad” and “the worst Windows remote code exec in recent memory.”
“I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way,” tweeted Project Zero researcher. “Attack works against a default install, don’t need to be on the same LAN, and it’s wormable,” he added.
Project Zero has not publicly disclosed the nature of the vulnerability but has presumably notified Microsoft. Today’s monthly Windows Update may even include a patch for it.
Google has made a habit of whistleblowing on Windows exploits. Earlier this year, Project Zero exposed a number of serious security issues with Windows 10: three within the space of a month. Project Zero gave Microsoft ample notice – 90 days, as per its policy – to fix the problems before the Google team went public.
Microsoft was none too happy with Google’s disclosure, explaining that public exposure of bugs is bad for users.
“We believe in coordinated vulnerability disclosure, and we’ve had an ongoing conversation with Google about extending their deadline since the disclosure could potentially put customers at risk,” a Microsoft spokesperson told Ars Technica. “Microsoft has a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible.”
No matter who you are or where you are it's pretty sure thing that you've…
Low input lag reduces time delay between devices to monitor SmartImage game mode optimised for…
High-quality, elegant as well as timeless design and technical innovation - these are the features…
Aluminum heat pipe cover discreetly hides copper piping 4 conductive copper heat pipes with Direct…
The customizable ARGB fans snap together with a magnetic connector that links the fans and…
TKL mechanical keyboard with 88 keys in a UK ISO layout V-silk PBT keycaps with…