Google published another unpatched flaw security των Windows, σύμφωνα με την πολιτική προγράμματος της εταιρείας Project Zero που αποκαλύπτει τρωτά points 90 days after they are notified to the developer.
This time, vulnerability is a type of confusion in a Microsoft Edge module and Internet Explorer. Google's researcher Ivan Fratric has published a PoC showing how browsers can drop, opening a door to potential intruders to acquire administrator privileges in affected systems.
Fratric reports that he performed analysis στην 64-bit έκδοση του Internet Explorer στα Windows Server 2012 R2, αλλά και σε δύο εκδόσεις των 32-bit του Internet Explorer 11 και του Microsoft Edge. Αυτό σημαίνει ότι οι χρήστες των Windows 7, Windows 8.1 και Windows 10 είναι σε άμεσο κίνδυνο, αν χρησιμοποιούν browsers της Microsoft.
Vulnerability was reported in 25 November, and according to Google Project Zero policy, it was announced publicly today 25 February, while Microsoft has not yet released a patch.
Let's say this is it second security flaw which was revealed by Google in two weeks, as the company also published details of the vulnerability in gdi32.dll originally reported to Microsoft in March of 2016.
So right now there are two different ones vulnerabilities security vulnerabilities that have not yet been patched by Microsoft while the details have already been posted online by Google.
As mentioned in the article's title, to protect yourself, it is recommended that you avoid clicking on webpages that you do not trust but also replace Internet Explorer and Microsoft Edge with a different browser.