Top

Google discloses Windows zero-day actively exploited in targeted attacks

March 8, 2019

Category:

Google this week disclosed a Windows zero-day vulnerability that is being actively exploited in targeted attacks alongside a recently addressed flaw in Chrome flaw (CVE-2019-5786).

The Windows zero-day vulnerability is a local privilege escalation issue in the win32k.sys kernel driver and it can be exploited for security sandbox escape.

“It is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape.” reads the post published by Google.

Read More on Security Affairs