Presently we count on a patch for this subject to be accessible on November 10. We now have confirmed with the Director of G… https://t.co/kQWd6Gakl0
— Ben Hawkes (@benhawkes) 1604073648000
“Presently we count on a patch for this subject to be accessible on November 10. We now have confirmed with the Director of Google’s Risk Evaluation Group, Shane Huntley that that is focused exploitation and this isn’t associated to any US election associated concentrating on,” tweeted Hawkes.
Google had notified Microsoft concerning the vulnerability final week and gave Microsoft 7 days time to repair the problem. As Microsoft didn’t repair it within the allotted, Google has revealed the main points of the bug publicly.
Google has offered the supply code of a proof-of-concept program. “It was examined on an up-to-date construct of Home windows 10 1903 (64-bit), however the vulnerability is believed to be current since not less than Home windows 7. A crash is best to breed with Particular Swimming pools enabled for cng.sys, however even within the default configuration the corruption of 64kB of kernel knowledge will nearly absolutely crash the system shortly after working the exploit,” stated Google in its report.