
Trick or Treat! Google issues warning of critical Windows vulnerability in wild


Batu69


Privilege escalation bug in Windows kernel is “being actively exploited.”

Recently, Google’s Threat Analysis Group discovered a set of zero-day vulnerabilities in Adobe Flash and the Microsoft Windows kernel that were already being actively used by malware attacks against the Chrome browser. Google alerted both Adobe and Microsoft of the discovery on October 21, and Adobe issued a critical fix to patch its vulnerability last Friday. But Microsoft has yet to patch a critical bug in the Windows kernel that allows these attacks to work—which prompted Google to publicly announce the vulnerabilities today.

 

“After 7 days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released,” wrote Neel Mehta and Billy Leonard of Google’s Threat Analysis Group. “This vulnerability is particularly serious because we know it is being actively exploited.”

 

The bug being exploited could allow an attacker to escape from Windows’ security sandbox. The sandbox, which normally allows only user-level applications to execute, lets programs execute without needing administrator access while isolating what it can access on the local system through a set of policies.

 

But by using a specific type of call to a legacy support Windows system library generally used for the graphics subsystem—win32k.sys—malicious code can escalate its privileges and execute outside of the sandbox, allowing it to execute code with full access to the Windows environment. Win32k.sys has been a problem before: Microsoft issued a warning back in June about a similar privilege escalation problem that had not yet been exploited, and another arrived in August.

 

Google Chrome already blocks this sort of an attack on Windows 10 using a modification to the Chromium sandbox called “Win32k lockdown.” That approach explicitly denies access to the library. However, code executed in other Web browsers or otherwise launched outside Chrome could still exploit the vulnerability.

 

Article source



  • Replies 1
  • Views 690

Google are the ones who bake Flash Player into their browser to begin with! It's not happening in any of my browsers. In Firefox I don't even have the Flash plugin installed, and I don't use IE or Edge, and I disabled the Flash plugin in IE. If Google blocks it already, how do they know it is being exploited, because they waited 90 days to patch it? And where is any proof that it can be exploited in, say, Firefox? I don't see any proof of concept for Firefox. I think it's kind of lame to report exploits that they claim are no threat to them. Why don't they report some of those exploits that are in the wild that they hide from everyone for 90 days? If it's any threat to users using Google products, Google never reports it until after it's patched; only non-Google-paid researchers report Google if they don't get it patched within 90 days and pay the bounty hunters.

 

Google's answer to replacing Flash is to replace it with DRM'ed HTML5. With HTML5 come new exploits, and DRM is nasty, and if they get their way you will need DRM just to watch videos online. That's the great thing about piracy: DRM-free media, and before I use a browser full of DRM I would just pirate the movie. Nowadays, while I can, before they ruin it with DRM, I mostly just use MPV and other media players to stream through. Browser free. :P

 

Microsoft most likely will patch it next week, and many more exploits in all browsers and OSes that are hidden from the public for 90 days will go unpatched. Pseudo-security at best. They're not honest about exploits to begin with. Their answer is to make like it doesn't exist until after it's been patched; unless they go past 90 days, it doesn't get reported until after it's patched. Within 90 days you could be hacked 1000 times!

 

Google doesn't have any suitable OS to replace Windows with on PCs, and with their phone OS, Android, it's up to the phone vendors to patch exploits, and many never get patched; if they do, you're lucky. It uses the Linux kernel... MOOOOO... Google is worried about the NT kernel when their OS has had the Mad Cow for over a decade, which a ready-made patch is out for that most won't get on Android until they buy a new phone. They need to fix their own mess, which has over a billion users, before worrying about others' software. :P


 

Quote

 

Recently disclosed Dirty COW Linux privilege escalation vulnerability is likely to affect all Android versions, say security researchers.

 

Security researcher David Manouchehri told Ars Technica that he has been able to gain persistent root access on five different Android devices that he used. He goes on to say that the vulnerability should be very easy to exploit for anyone familiar with the Android filesystem and that it should affect all Android versions right from 1.0. Manouchehri based his code on a proof-of-concept which is available on GitHub, but other security researchers are known to have developed an alternate way of rooting a device based on another publicly available exploit, according to Ars Technica.

 

Dirty COW has been present in the Linux kernel for several years, writes Linus Torvalds in the comment to the patch that fixes it. He explains that the vulnerability was originally fixed by himself 11 years ago, but was reintroduced in 2005. Dirty COW owes its name to its being related to a race condition in how Linux “handled the copy-on-write breakage of private read-only memory mappings”.

 

According to Phil Oester, who uncovered the vulnerability, all Linux users should patch their systems as soon as possible as the vulnerability has been already exploited in the wild:

One of the sites I manage was compromised, and an exploit of this issue was uploaded and executed.

Since a fix for Dirty COW is already available, all Linux systems can be easily patched. It is unclear, though, how quickly the fix will flow through the Android installed base. Indeed, even if Android is patched with the next security release, limitations set by manufacturers or lack of support by providers could make it impossible to deploy it widely on all devices.

 

 

 

https://www.infoq.com/news/2016/10/dirty-cow-may-affect-all-android

Everything Google draws its code from, on all its software, is made by someone other than Google, except a few things that spy on you, so it can't be open source; that's how they get rich from not charging for anything. It makes me laugh that a company whose cash cow is ads (they make more money through data than anything else) can preach security. Ads, mal-adverts, are the biggest spreader of malware on the internet by far, and Google makes ads. They are an ad vendor.



Archived

This topic is now archived and is closed to further replies.
