Google Reveals Targeted Exploit Found in Windows
Google has disclosed a vulnerability with the Windows kernel crypto driver that is being exploited to gain access to the target system. This vulnerability works in conjunction with a Google Chrome flaw and, according to a report, has only been found in conjunction with the Chrome vulnerability. Google patched Chrome and other Chromium-based browsers as of October 20, but Microsoft is expected to release a patch on November 10. This is a targeted and not widespread exploit, which means that not all users will be affected by it.
Windows kernel crypto driver vulnerability CVE-2020-17087 has been disclosed by Google’s Project Zero team after a seven-day disclosure deadline as it was being used in the wild. This type of vulnerability can be used to take advantage of privilege escalation. Used in conjunction with a Google Chrome defect (CVE-2020-15999) to access a target system. After that, the CVE-2020-17087 vulnerability can give the attacker administrator access to the target. While Google patched the crash in Chrome on October 20, Microsoft A patch is expected to release on November 10, according to Project Zero team technical leader Ben Hawks at Twitter.
The Windows kernel crypto driver vulnerability has been found to be present since Windows 7, but was tested on an updated version of Windows 10 1903 (64-bit). Google Threat Analysis Group Director Shane Huntley has also confirmed that this is a targeted exploitation and is not related to targeting related to the US elections. Since it is targeted, not all users of Chrome and Windows will be affected, according to a report by HelpNetSecurity.
The report also claims that a Microsoft spokesperson shared that exploiting the vulnerability has only been seen in conjunction with the Chrome vulnerability that was patched on October 20. Other Chromium-based browsers such as Opera and Microsoft Edge were patched on October 21 and 22, respectively.