Google’s Project Zero bug-hunting team has disclosed a Windows kernel flaw that’s being actively exploited by miscreants to gain administrator access on compromised machines.
The web giant’s bug report was privately disclosed to Microsoft on October 22, and publicly revealed just seven days later, after it detected persons unknown exploiting the programming blunder. The privilege-escalation issue was identified by Mateusz Jurczyk and Sergei Glazunov of Google Project Zero.
“The Windows Kernel Cryptography Driver (cng.sys) exposes a \Device\CNG device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures,” the bug report explains.
Source: The Register