ANSA SYSTEMS LTD

Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wild

Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wild
Google’s Project Zero team, which is tasked with discovering 0-day vulnerabilities, has uncovered an exploit in the Windows kernel that can lead to sandbox escape or privilege escalation. The bug, given CVE-2020-17087, is of the buffer overflow type in the Windows Kernel Cryptography Driver (CNG.sys) and is being actively exploited. Thankfully,