Google Discovers a Zero Day Flaw in Windows 10 & Microsoft Isn’t Happy

Google has uncovered a new zero day vulnerability in Windows 10. The flaw was first communicated to the company 10 days ago though a fix has still not arrived.

The bug, which is being termed critical, is already being exploited by hackers. The hacking group Strontium, more commonly known as “Fancy Bear”, has already utilized the vulnerability in Adobe Flash and the Windows kernel in its recent hack of the Democratic National Committee.

But while the exploit has been fixed on Flash, Windows 10 users will have to wait for a fix which is set to arrive this Tuesday, on the 8th of November. According to Microsoft, users of Microsoft Edge on Windows 10 Anniversary Update are protected from an attack.

Earlier, Google reported the vulnerability to be present in win32k.sys, which allows malicious code to escape from the security sandboxes in place. With the Flash vulnerability now fixed, users are reportedly safe from such an exploit, however, Microsoft still needs to make sure it plugs down the vulnerability for the future. Google has also fixed Chrome so it doesn’t allow such a hack.

Microsoft is understandably not too pleased with Google so publicly disclosing a critical bug, though. While for someone like Adobe fixing Flash is a task sufficient enough to be completed in seven days, an operating system is a decidedly more complex offering.

By airing the issue, Google may have further put millions of users at risk of a phishing attack and opened further debates on its oft-criticized seven-day policy on vulnerabilities.

      • Your case is like appreciating Linux but you always use and can’t live without Windows ;)
        Linux might have a good code (but so many versions) but it is Windows which delivers.

        There are millions of Pakistanis with intention to do something good for the country and people but not everyone can, it requires talent and experience to do so.. you should know that it is clear by now. Cheers ;)

        • Linux delivers too for many things. Only thing it cannot do is iOS development.

          Common complain: games. Look at Steam and Galaxy and Itch, they have thousands of games ported to it. In fact, consider fact that under all the hood, PS4 runs Linux.

        • Android you use is Linux by the way
          All the financial servers are Linux, or IMB, some are Solaris, Windows ratio is only for home users means no mind no calculations, just live what you have ?

  • Ltd feature videos

    Watch more at LTD