Skip to main content

Google's Project Zero discloses 'important' security vulnerability in Windows 10

posted onFebruary 21, 2018
by l33tdawg

Google's Project Zero team has disclosed another Windows 10 security flaw after Microsoft failed to patch it within the standard timeframe of 90 days. As first spotted by Neowin, the bug is one of a pair that was initially reported to Microsoft in November. The company apparently fixed one of the bugs with its February Patch Tuesday fixes, but left the other untouched.

According to the Project Zero report, the flaw could allow an attacker to gain administrator privileges if exploited. The issue is listed as high severity by Google because of its ease of exploitation. However, it can't be exploited remotely, which caused Microsoft to categorize it as "important" rather than "critical." James Forshaw, the Google security researcher who reported the vulnerability, notes that it only affects Windows 10 and hasn't been verified to work on earlier versions, like Windows 7 or 8.1. It's unclear when Microsoft may release a fix for the issue in question.



Microsoft Security

You May Also Like

Recent News

Tuesday, March 20th

Monday, March 19th

Friday, March 16th

Thursday, March 15th

Wednesday, March 14th

Tuesday, March 13th