Microsoft Patches Windows Kernel Flaw Under Active Attack

This month's Patch Tuesday addressed a Windows zero-day in a release of 112 vulnerabilities, 17 of which are critical.

Microsoft today patched a zero-day vulnerability in the Windows kernel that is currently being exploited in the wild.


The November Patch Tuesday rollout includes 112 total patches, 17 of which are rated critical. The vulnerabilities fixed today exist in products and services including Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer, Edge, ChakraCore, Azure Sphere, Exchange Server, Visual Studio, Microsoft Dynamics, Windows Defender, and Microsoft Teams. After a drop in fixes released last month, November again brought the patch count over 110, where it has been for most of this year.


A notable patch this month addresses CVE-2020-17087, an elevation of privilege vulnerability in the Windows kernel disclosed by Google's Project Zero earlier this month. Researchers spotted the flaw being used with CVE-2020-15999, a known and patched Google Chrome bug in the FreeType library. At the time of disclosure, the flaws were reportedly used in targeted attacks.


The bug exists in the Windows kernel cryptography driver; a flaw in one of the driver's functions makes it vulnerable to a buffer overflow that leads to memory corruption in the kernel pool. It could be exploited to achieve privilege escalation, such as a sandbox escape. Source code for a proof-of-concept program was tested on Windows 10; however, the vulnerability is believed to affect Windows versions as early as Windows 7.


"Chaining vulnerabilities is an important tactic for threat actors," says Satnam Narang, principal research e ..
