Google reveals details on active vulnerability affecting Windows 10, 7

Google’s Project Zero researchers have disclosed a Windows 0day vulnerability that allows attackers to escape Chrome sandboxes and run malware on Windows.


Google’s Project Zero researchers Mateusz Jurczyk and Sergei Glazunov have discovered a new zero-day security flaw in the cng!CfgAdtpFormatPropertyBlock function, reachable via IOCTL 0x390400.

Reportedly, it is an integer overflow flaw that originates in one of the IOCTLs that the Kernel Cryptography Driver (cng.sys) in Windows supports. The flaw can lead to privilege escalation and allow attackers to escape sandboxes.



“The Windows Kernel Cryptography Driver (cng.sys) exposes a \Device\CNG device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures. It constitutes a locally accessible attack surface that can be exploited for privilege escalation,” explained Jurczyk.



The vulnerability, CVE-2020-17087, had remained undisclosed until now, and Google claims that it is being actively exploited by hackers. Google therefore gave Microsoft one week to fix the flaw; that deadline has already passed, and Google has now published its details.


The zero-day affects Windows 7 and Windows 10. According to the researchers, attackers are using this vulnerability in combination with another bug in Chrome, which was fixed by Google last week. The bug allows attackers to escape Chrome’s sandbox, which is isolated from other applications, and run malware on the OS.




The vulnerability’s details were submitted to the Project Zero discus ..
