Google reveals major vulnerability in Windows 10

khushaartanveer@gmail.com' By: Khushaar Tanveer
3 minute read

Google’s Threat Analysis Group has recently uncovered a set of harmful vulnerabilities in Adobe Flash and the Microsoft Windows kernel that were being actively used for malware attacks against the Chrome browser. Google has publicly announced the security flaw in Windows just 10 days after disclosing it to Microsoft on October 21. Google also pointed out that this flaw could be aggressively used by attackers and coders to compromise security in Windows systems by gaining administrator-level access to the computers using a malware.

This can be achieved by allowing less than honest developers to escape from Windows’ security sandbox that executes only user-level apps without needing admin access. Diving a little deeper into the technicalities, the win32k.sys, a legacy support Windows system library used mainly for graphics, is issued a specific call that grants full access to the Windows environment. Google Chrome already has a defense mechanism in place for this kind of flaw and blocks this attack on Windows 10 using a modification to the Chromium sandbox called “Win32k lockdown“.

Google described this particular Windows vulnerability as follows:

“The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.”

Though this is not Google’s first encounter with a Windows security flaw, they released a public statement regarding a vulnerability and was later bashed my Microsoft for releasing a public note before the official seven-day limit that is granted to software manufacturers to issue a fix.

“After 7 days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released,” wrote Neel Mehta and Billy Leonard of Google’s Threat Analysis Group.”This vulnerability is particularly serious because we know it is being actively exploited.”

A zero-day vulnerability is a publicly disclosed security flaw new to users. And now that the seven-day time period has passed, there is still no patch fix available regarding this bug from Microsoft.

The Flash vulnerability (also disclosed on October 21) that Google shared with Adobe was patched on October 26. So users can simply update to the latest version of Flash. But then again, Microsoft has actively pointed out that for a simple web plugin like Flash, issuing a patch within seven days isn’t a challenging target, but for a complex OS like Windows, it is nearly impossible to code, test, and issue a patch for a security flaw within a week.

Not just Microsoft but many other major software entities have actively opposed this controversial policy of Google of revealing flaws within a week’s limit, but Google has maintained that it is safer for public security to create awareness about a persisting bug that may compromise user safety.

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading