U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Google Project Zero team the worst Windows RCE vulnerability in recent memory

Hackers at the Google Project Zero team have discovered another critical Windows RCE vulnerability, the worst Windows RCE in recent memory. Security experts at Google Project Zero team have discovered another critical remote code execution (RCE) vulnerability in Microsoft Windows OS, but this time the hackers defined it as the worst Windows RCE in recent memory. […]

Microsoft YellowKey

Hackers at the Google Project Zero team have discovered another critical Windows RCE vulnerability, the worst Windows RCE in recent memory.

Security experts at Google Project Zero team have discovered another critical remote code execution (RCE) vulnerability in Microsoft Windows OS, but this time the hackers defined it as the worst Windows RCE in recent memory.

The popular Google Project Zero hacker Tavis Ormandy announced its discovery during the weekend. The expert alongside with his colleague, the researcher Natalie Silvanovich, discovered the RCE vulnerability in Windows OS.

Ormandy did not provide any further details of the Windows RCE vulnerability because according to the Google bug disclosure the IT giant will give a 90-day security disclosure deadline to any company to solve the problem in their solutions and publicly disclose it.

Windows RCE vulnerability

The experts only revealed the following information on the Windows RCE vulnerability:

  • The PoC exploit the Project Zero team has developed works against default Windows installations.
  • The Windows RCE vulnerability could be exploited by a remote attacker.
  • The attack is “wormable,” capability to spread itself.

If you are interested in the details of the Windows RCE vulnerability discovered by the Project Zero Team, you will have to wait for 90 days.

The Google Project Team’s disclosure deadline was criticized by many security experts in the past, especially from Microsoft, but Google experts always ignored them.

In February, Google researchers disclosed the details of an unpatched flaw in the Edge and Internet Explorer browsers.

Microsoft hasn’t commented the discovery, let’s see if the tech giant will fix the issue with the May 2017 Patch Tuesday scheduled tomorrow.

Stay Tuned …

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Windows RCE vulnerability, hacking)

[adrotate banner=”13″]