Original article on my website, onyxcode.net
Google has now publicly released details of a zero-day vulnerability that hackers are supposedly actively exploiting to hack Windows 10 and 7 PCs. Google's Project Zero gave Microsoft an ultimatum that the vulnerability needed to be fixed within 1 week. However, due to Microsoft’s lack of action, Google released the details to the public.
This nameless exploit, labeled CVE-2020-17087, can be kryptonite to PCs running Windows 10 and 7 because it allows the attacker to elevate their user access level inside Windows.
In most cases, the exploit has been used in connection with another bug in Google’s Chrome web browser, which allowed the attackers to escape Chrome’s “sandbox” and then deploy and run malware on the host system. Fortunately, the bug involving Chrome has been fixed.
Ben Hawkes, the technical leader of Project Zero, says that Microsoft plans to release a patch on the 10th of November. Microsoft themselves could not confirm this date but issued a statement saying in part: “Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers. While we work to meet all researchers’ deadlines for disclosures, including short-term deadlines like in this scenario, developing a security update is a balance between timeliness and quality, and our ultimate goal is to help ensure maximum customer protection with minimal customer disruption.”
However, the attackers’ motives are still unknown. Google’s threat intelligence director says the attacks were “targeted” but not related to the United States 2020 election.
The attacks were “very limited” according to a Microsoft spokesperson, and there was “no evidence to indicate widespread usage.” It’s yet another bug in the list of many to affect Windows this year. In January, the NSA helped find a “cryptographic bug”, but there was no evidence it was ever exploited.
Yet, in June and September, the U.S. Department of Homeland Security issued alerts about critical Windows bugs whose effects included spreading via the internet and gaining elevated access to an entire Windows network.