Google shares details of a Windows Kernel Cryptography Driver security flaw that's being exploited by hackers

Google has shared details of a bug in the Windows Kernel Cryptography Driver (cng.sys) which is currently being exploited in the wild by hackers. The Project Zero team had already privately shared details of the security flaw with Microsoft a little over a week ago, but now that it is being actively exploited the company has gone public. The zero-day flaw is being tracked as CVE-2020-117087, and it is not likely to be addressed by Microsoft for a couple of weeks. See also: Install KB4580364 update to fix Windows 10 problems and gain the new Meet Now taskbar button How… [Continue Reading]