Microsoft Windows Kernel Zero-Day Vulnerability (CVE-2020-17087)

Imechapishwa: Nov 11, 2020 07:55

Advisory No:

Source:

Software Affected:

Overview

Description

Advisory No: TZCERT/SA/2020/11/11

Date of First Release: 11th November 2020

Source: MICROSOFT

Software Affected: Windows Operating System

Overview:

Google has disclosed zero-day vulnerability in Microsoft Windows Kernel that is being exploited alongside with Google Chrome flaw (CVE-2020-15999).

Description:

This vulnerability is caused by the buffer overflow in the Windows Kernel Cryptography Driver (cng.sys) whereby the flaw exists in the cng!CfgAdtpFormatPropertyBlock function as a result of a 16-bit integer truncation.

Both Chrome vulnerability (CVE-2020-15999) and Window Kernel (CVE-2020-17087) could allow an attacker to break out Google Chrome’s sandbox successfully for privilege escalation.

Impact:

Successful exploitation of the vulnerability could allow an adversary to execute codes on the affected system.

Solution:

Microsoft has not yet released any patch for this issue; however, exploitation of the flaw has only been spotted in conjuction with Chrome vulnerability. Users and administrators are recommended to upgrade Chrome to available stable version of Windows.

CVEFixed Version
CVE-2020-1599986.0.4240.111

References:

  1. https://www.tenable.com/blog/cve-2020-15999-cve-2020-17087-google-chrome-microsoft-windows-kernel-zero-day-vulnerabilities-exploited-in-wild-along-with-cve-2020-16009
  1. https://community.norton.com/en/forums/windows-zero-day-cve-2020-17087-be-patched-10-nov-2020-actively-exploited-and-using-unpatched

Impact

Solution

References

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio