Google’s researchers have given all the details related to the vulnerability impacting Windows 7 and 10.
Reportedly, the flaw is an integer overflow flaw originated from one of the IOCTLs that the Kernel Cryptography Driver (cng.sys) in Windows supports. The flaw can lead to privilege escalation and allow attackers to escape sandboxes.
The vulnerability CVE-2020-17087 remained undisclosed so far, and now Google claims that this vulnerability is under active exploit from the hackers. Therefore, Google gave Microsoft one week to fix the flaw however the deadline has already passed, and now Google published its details.
Researchers have claimed that hackers are combining 2 bugs present in Google chrome. After combining and using these bugs together hackers get the access of running various malware codes into the system OS.
Google has however addressed these bugs and issues which are being patched by them. Microsoft on the other hand has ensured its users that they will deeply investigate the issue and ensure that their users are safe and secure.
Install NPAV on your devices to keep them protected from all kinds of cyber attack. Use NPAV and join us on a mission to secure the cyber world.