Google Project Zero Immediately stop using Microsoft browsers

Google published another unpatched Windows security flaw, according to the company's Project program policy which discloses vulnerabilities 90 days after they are disclosed to the developer.

This time, the vulnerability is a type confusion in its module and Internet Explorer. Google researcher Ivan Fratric published a PoC showing how it can crash browsers, opening a door for potential attackers to gain administrative privileges on affected systems.Project Zero

Fratric reports that he performed analysis on the 64-bit version of Internet Explorer on Windows Server 2012 R2, but also on 32-bit versions of Internet Explorer 11 and Microsoft Edge. This means that Windows 7, Windows 8.1 and Windows 10 users are at immediate risk if they use Microsoft browsers.

Vulnerability was reported in 25 November, and according to Google Project Zero policy, it was announced publicly today 25 February, while Microsoft has not yet released a patch.

Let's say this is it second security flaw which was revealed by Google in two weeks, as the company also published details of the vulnerability in gdi32.dll originally reported to Microsoft in March of 2016.

So at this time there are two different security vulnerabilities that have not yet been repaired by Microsoft while the details have already been posted online on Google.

As we mention in the title of the article, to protect yourself it is recommended that you avoid doing on websites you don't trust and also replace Internet Explorer and Microsoft Edge with a different one .

Google Project Zero PoC

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).