Google publishes again vulnerabilities Windows




Despite strong criticism from Microsoft, Google has once again announced unpatched vulnerabilities in Windows. The first leak is not really worth mentioning, but the second is more critical and concerns a vulnerability in encryption.

Windows logo The first vulnerability involves the way Windows 7 certain rights of an administrator checks before being allowed to use certain body functions. The function is called NtPowerInformation and affects Windows 7, but both Google and Microsoft find the leak too small for a fix. Google has also changed the status to “closed”.

Another bug that came to light lays bare that data is to intercept Windows. The operating system will detect not suitable to reflect the identity of the user in the use of encrypted data. Microsoft knows the problem and did according to Ars Technica a solution release this week, but pulled it back in a hurry when it appeared that there are compatibility issues. The fix is ​​now scheduled for next month.

The bugs have been discovered by a team of security researchers that operates under the name Project Zero. The researchers tried to use the project to reduce the number of zero-Day ‘security problems. In addition, they also take the software from other companies under scrutiny.

In the first week of this year published Google first announced a vulnerability in Windows. The researchers at Google discovered the security issue in late September, and gave Microsoft ninety days to solve the security problem. Microsoft took that deadline is not.

Microsoft was not happy with the publication. The company stated that security issues would only be brought out when the problem is resolved. Google seems here, with the publication of the new vulnerabilities, however, not quite agree with that.


In: Technology & Gadgets Asked By: [15519 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »