Google has revealed that it has found a Windows zero-day vulnerability that is being used in a number of attacks. Google has reported the issue to Microsoft, but no patch or advisory has been issued yet. Thomas Pore, Director of IT and Services at Plixer, commented below.
Thomas Pore, Director of IT and Services at Plixer:
“Zero-day vulnerabilities can be extremely valuable, both to those engaging in offensive protection and to those looking for malicious exploitation. While Windows still dominates the end-user operating system experience, news of an unknown privilege escalation vulnerability is serious business as many are now exposed. Google’s disclosure policy defines a reasonable notification strategy with an upper bound at 60 days and for actively exploited zero-day vulnerabilities at 7 days. Active zero-day exploits pose a serious threat to users, PII, and their employer. The scope of this news should be a reminder to network and security engineers that traditional layers of defense will not prevent malicious actors from invading their network and that how quickly one can identify and respond to the abnormal traffic patterns can result in a timely and successful response. Additionally, systems administrators need to continually evaluate automated patching procedures since Microsoft has mentioned that successful exploitation of the kernel vulnerability currently requires Adobe Flash Player, which has released a patch.”