The Latest in IT Security

Microsoft Issued a Fix for Zero-Day Six Months Ago but It Didn’t Work

Microsoft Issued a Fix for Zero-Day Six Months Ago but It Didn’t Work

image credit: pixabay

Microsoft fixed a zero-day vulnerability in June 2020, but the company did a poor job. Security researchers from Google’s Project Zero showed that attackers could still use the zero-day, despite the patch.

Since zero-day exploits are a serious matter, most of the time, companies quickly release a patch. The June 2020 patch for Windows 8.1 and 10 covered the zero-day CVE-2020-0986 vulnerability, or at least that was the plan.

“An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory,” reads the vulnerability. “An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Read More

Comments are closed.


THURSDAY, MAY 26, 2022

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments