Google reveals actively exploited unpatched Windows flaw

Printable View

01-11-2016, 11:01 AM
HEXUS

Google reveals actively exploited unpatched Windows flaw

Quote:

It gave Microsoft 10 days notice but there has been no fix released as yet.

Read more.
01-11-2016, 01:14 PM
Ttaskmaster

Re: Google reveals actively exploited unpatched Windows flaw

Quote:

"The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability."

Can someone put that in simple English please?
I tried it in Google Translate, but got nothing... :D
01-11-2016, 01:55 PM
qasdfdsaq

Re: Google reveals actively exploited unpatched Windows flaw

Quote:

Originally Posted by Ttaskmaster

Quote:

"The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability."

Can someone put that in simple English please?
I tried it in Google Translate, but got nothing... :D

A program running in a protected/sandboxed environment can escape and run code as the user or as an administrator by exploiting a bug in the way Windows handles window settings.

It doesn't work in Chrome because Chrome blocks the method and subsystem used to set window settings.
01-11-2016, 05:29 PM
Ttaskmaster

Re: Google reveals actively exploited unpatched Windows flaw

OK, yeah, that's a little concerning.
01-11-2016, 11:59 PM
LSG501

Re: Google reveals actively exploited unpatched Windows flaw

While obviously the issue with Windows does need fixing I'd actually say what Google is doing announcing it after 7 days is worse because we all know it will take more than that to fix an os problem.

It's also a bit hypocritical to be announcing Windows issues when there's plenty of unpatched versions of their own OS out in the wild with just as serious consequences.
02-11-2016, 08:50 AM
HollyDOL

Re: Google reveals actively exploited unpatched Windows flaw

Quote:

Originally Posted by LSG501

While obviously the issue with Windows does need fixing I'd actually say what Google is doing announcing it after 7 days is worse because we all know it will take more than that to fix an os problem.

It's also a bit hypocritical to be announcing Windows issues when there's plenty of unpatched versions of their own OS out in the wild with just as serious consequences.

I have to agree. While the bug in Windows is serious, you still need malware to be downloaded and executed on victim computer. I _guess_ decent antivirus will be able to detect such a malware quite soon. Having a week to alter kernel, run all tests, validate on multitude of environments Windows run on, sign and publish... There is no chance to do that in a week... And the very people screaming about 'end-of-world' security hole would be screaming about 'broken-and-ever-bugged' system. Kernel is not a ms paint where if you screw something out, it's no biggy, it really needs time to be done properly and it's way too critical component to haste it.