Your IT Consultant

Google Throws Microsoft Under the Bus

November 1, 2016

Google publicly disclosed a zero day vulnerability in Windows and Microsoft isn't happy. According to ars technica, "The bug being exploited could allow an attacker to escape from Windows' security sandbox. The sandbox, which normally allows only user-level applications to execute, lets programs execute without needing administrator access while isolating what it can access on the local system through a set of policies." Apparently, Google has a 2013 policy where it announces flaws after 7 days if the vendor hasn't fixed it. That's a pretty aggressive policy. Google notified Microsoft of the flaw on October 21, 2016.

The problem deals with win32k.sys, where using a specific call to a legacy support Windows system library generally used for the graphics subsystem can execute code outside of the sandbox. There is no fix at this time. Microsoft recommends minimizing the risk by using Windows 10 and the Edge browser. Chrome already blocks the attack on Windows 10 using a modification to its sandbox so why fire up the Edge browser that few people use?

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com