Google reveals new Windows Kernel vulnerability

Currently ransomware PetyaWrap is spreading through computer networks. Beside that, Google has revealed a new Windows vulnerability in Windows Kernel, that hasn't been patched fully.

The vulnerability has been discovered in March 2017 within Google's Project Zero and has been reported to Microsoft. The vulnerability allows an application running in user mode to call nt!NtNotifyChangeDirectoryFile system API and access kernel memory. 

The issues has been confirmed in Windows 7 up to Windows 10. Microsoft has released a patch for this vulnerability in June 2017. But Google claims that the vulnerability hasn't patches fully. So the details went public after a 90 day period here. (via)

This entry was posted in Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *