Security researchers from Google have recently disclosed a zero-day vulnerability in the Windows operating system that is reportedly under active exploitation.

According to Ben Hawkes, team lead for Project Zero, Google’s elite vulnerability research team, the zero-day is expected to be patched on November 10, the date of Microsoft’s next Patch Tuesday.

The Chrome zero-day was used to let attackers execute malicious code within Chrome, while the Windows zero-day was the second component of the attack, allowing the attackers to escape Chrome’s protected container and run code on the underlying operating system, in what security practitioners term a sandbox escape.

The Google Project Zero team notified Microsoft last week and gave the company seven days to patch the bug. Details were published today because Microsoft had not released a patch within that time.

The security researchers published the source code of a proof-of-concept exploit for the vulnerability, which was tested on “an up-to-date Windows 10 1903 (64-bit) build.”

They note, however, that the issue was possibly introduced in Windows 7.

According to the report, the vulnerability impacts all versions of Windows between Windows 7 and the newest Windows 10 release.

“A crash is easiest to reproduce with Special Pools enabled for cng.sys, but even in the default configuration the corruption of 64kB of kernel data will almost surely crash the system shortly after running the exploit,” Jurczyk says.

The vulnerability appears to have been exploited in targeted attacks, but not in events linked to the U.S. election.

“Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers. While we work to meet all researchers’ deadlines for disclosures, including short-term deadlines like in this scenario, developing a security update is a balance between timeliness and quality, and our ultimate goal is to help ensure maximum customer protection with minimal customer disruption,” a Microsoft spokesperson said, replying to a SecurityWeek inquiry.
