Microsoft releases patch for Windows zero-day flaw found by Google

Last month, security researchers at Google's Project Zero released details of a zero-day vulnerability in Windows that was being actively exploited. Hacklers were taking advantage of a Windows Kernel Cryptography Driver security flaw (CVE-2020-117087) to gain elevated privileges in Windows 7, 8, and 10, as well as Windows Server 2008 and higher. As part of yesterday's Patch Tuesday release, Microsoft has now issued a fix for the vulnerability. See also: Microsoft is going to forcibly upgrade systems running old versions of Windows 10 Microsoft may have dropped Office 2010 but 0patch will still offer security patches Thunderbolt NVMe SSDs are… [Continue Reading]