Google Discloses Unpatched Windows 7 Vulnerability
On February 27th, Google's Threat Analysis Group reported a 0-day vulnerability in the Microsoft Windows 7 OS, which Microsoft has not yet corrected.
According to Google, "the vulnerability is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape. The vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver() system call is called under specific circumstances."
Google believes this vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows. To date, Google's security researchers have only observed active exploitation against Windows 7 32-bit systems.
Google says it notified Microsoft about the issue, but since several days have passed and Microsoft says it is still "working on a fix," Google publicly disclosed it yesterday.
"...it is a serious vulnerability in Windows that we know was being actively exploited in targeted attacks. The unpatched Windows vulnerability can still be used to elevate privileges or combined with another browser vulnerability to evade security sandboxes," Google said.
As mitigation for this vulnerability, users who are still running an older version of Windows should consider upgrading to Windows 10, and should apply Windows patches from Microsoft when they become available.
The same vulnerability also affected Google Chrome, but Google says it released an update for all Chrome platforms on March 1.