Google Discloses Third Zero-day Vulnerability in Windows

Two days ago, the Google security team known as "Google Project Zero" disclosed a critical privilege escalation vulnerability in the Microsoft Windows 8.1 operating system, and now Google has once again revealed another bug in a Microsoft operating system.

Google disclosed the second bug just one day before Microsoft planned to issue a patch to fix it. But it seems that the Google team is on fire, disclosing more bugs one after another without a patch having been released for them.

Just today Microsoft announced the end of support for one of its popular operating systems, Windows 7, and the Google team has disclosed another new critical bug in Windows 7 and Windows 8.1, which leaves billions of users under threat.

Google's tight 90-day disclosure policy seems to be a good way to push all software vendors to patch their products before they are exploited by hackers and cyber criminals. But at the same time, disclosing all critical bugs, along with their technical details, in a widely used operating system like Windows 7 and 8 doesn't appear to be the right decision either. What do you think about this?

The third serious bug that Google disclosed is a flaw in the CryptProtectMemory memory-encrypting function found in Windows 7 and 8.1, present on both 32- and 64-bit architectures, which apparently can accidentally disclose sensitive information or allow a miscreant to bypass security checks.

The Google Project Zero team had already reported the vulnerability in Windows 7 and Windows 8.1 on October 17, 2014. Microsoft validated and confirmed the bug, and the patch is scheduled for 10th February 2015, which is next Tuesday's patch release.

Google gives all software vendors only 90 days to patch a vulnerability in their products, and after that it discloses the issue publicly. This new vulnerability was discovered by the researcher James Forshaw, who had earlier discovered the privilege escalation vulnerability in Windows 8.1.

Forshaw wrote:
The issue is the implementation in CNG.sys doesn't check the impersonation level of the token when capturing the logon session id (using SeQueryAuthenticationIdToken) so a normal user can impersonate at Identification level and decrypt or encrypt data for that logon session. This might be an issue if there's a service which is vulnerable to a named pipe planting attack or is storing encrypted data in a world readable shared memory section.
As with the previous bug, the Google researcher has also published a proof-of-concept demonstration of the bug. For the PoC, the researcher attached the file "Poc_CNGLogonSessionImpersonation.zip"; to test for the vulnerability, run the exe program from the zip file from a command line. If the program prints the result "Encryption doesn't match", the system is vulnerable. More detailed information about the bug is available in the vulnerability post.
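The missing check in Forshaw's description can be shown with a small user-space model. This is an added example, not Windows code and not the researcher's PoC: the token class, the session ids, the keys and the toy cipher are all constructed, and the hardened variant is an assumed mitigation rather than Microsoft's actual patch.

```python
# Added illustration: a user-space model, not Windows or CNG.sys code.
import hashlib
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional

class Level(IntEnum):  # same ordering as SECURITY_IMPERSONATION_LEVEL
    ANONYMOUS = 0
    IDENTIFICATION = 1
    IMPERSONATION = 2
    DELEGATION = 3

@dataclass(frozen=True)
class Token:
    logon_session: int             # constructed stand-in for the authentication id
    level: Optional[Level] = None  # None models a primary (process) token

# Constructed per-logon-session secrets held by the modelled kernel.
SESSION_KEYS = {0x3E7: b"system-session-secret", 0x51A2B: b"user-session-secret"}

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy keystream for the model only; not a real cipher.
    stream = hashlib.sha256(key).digest() * (len(data) // 32 + 1)
    return bytes(a ^ b for a, b in zip(data, stream))

def protect_vulnerable(primary: Token, thread: Optional[Token], data: bytes) -> bytes:
    # Flaw from the report: the session id is captured from the effective
    # token without looking at its impersonation level.
    effective = thread or primary
    return _xor_stream(SESSION_KEYS[effective.logon_session], data)

def protect_checked(primary: Token, thread: Optional[Token], data: bytes) -> bytes:
    # Assumed mitigation: honour a thread token only at Impersonation or above.
    if thread is not None and thread.level < Level.IMPERSONATION:
        raise PermissionError("impersonation level too low for same-logon key")
    effective = thread or primary
    return _xor_stream(SESSION_KEYS[effective.logon_session], data)

def same_logon_key_leaks(protect) -> bool:
    user = Token(0x51A2B)                       # caller's own primary token
    ident = Token(0x3E7, Level.IDENTIFICATION)  # identification-only token
    own = protect(user, None, b"secret-data-0001")
    try:
        other = protect(user, ident, b"secret-data-0001")
    except PermissionError:
        return False
    return own != other  # differing output: the other session's key was used
```

In this model a mismatch between the two outputs plays the role of the PoC's "Encryption doesn't match" result: the same caller received ciphertext produced under a different logon session's key.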

This is the third vulnerability that Google has disclosed within a month. With this, the Google Project Zero team is making Microsoft work harder. Microsoft had discussed an extension of the vulnerability deadline with Google, but the search engine giant refused. It seems that Google is getting stricter about its policy and users' security.