Google Discloses Targeted Exploit Found in Windows That Gave Hackers Administrator Access to System

Google’s Project Zero team’s technical lead said that Microsoft is expected to release a patch on November 10.

Advertisement
By Vineet Washington | Updated: 3 November 2020 12:07 IST
Highlights
  • Google has disclosed a targeted exploit found in Windows
  • The vulnerability was present since Windows 7
  • Google patched Chrome on October 20

Google has already patched the bug in Chrome

Google has disclosed a vulnerability with Windows Kernel Cryptography Driver that is being exploited to gain access to the target system. This vulnerability works alongside a Google Chrome flaw and according to a report, has only been spotted in conjunction with the Chrome vulnerability. Google patched Chrome and other Chromium based browsers starting October 20 but Microsoft is expected to release a patch on November 10. This is a targeted exploit and not widespread, which means not all users will be affected by it.

The Windows Kernel Cryptography Driver vulnerability CVE-2020-17087 has been disclosed by Google's Project Zero team after a seven-day disclosure deadline, as it was being used in the wild. This kind of vulnerability can be used to exploit privilege escalation. It is being used in tandem with a Google Chrome flaw (CVE-2020-15999) to gain access to a target system. Following that, the CVE-2020-17087 vulnerability can give the attacker administrator access to the target. While Google patched the flaw in Chrome on October 20, Microsoft is expected to release a patch on November 10, according to Project Zero team technical lead Ben Hawks on Twitter.

The Windows Kernel Cryptography Driver vulnerability has been found to be present ever since Windows 7 but was tested in an up-to-date Windows 10 1903 (64-bit) build. Director of Google's Threat Analysis Group, Shane Huntley, has also confirmed that this is a targeted exploitation and is not related to US election-related targeting. Since it is targeted, not all Chrome and Windows users will be affected, as per a report by HelpNetSecurity.

Advertisement

The report also states that a Microsoft spokesperson shared that exploitation of the vulnerability has only been seen in tandem with the Chrome vulnerability that was patched on October 20. Other Chromium based browsers like Opera and Microsoft Edge were patched on October 21 and October 22, respectively.

Advertisement

Is OnePlus 8T the best 'value flagship' of 2020? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

 

Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

For details of the latest launches and news from Samsung, Xiaomi, Realme, OnePlus, Oppo and other companies at the Mobile World Congress in Barcelona, visit our MWC 2025 hub.

Further reading: Google, Microsoft, Windows 10, Windows 7, Google Chrome
Samsung Galaxy Note 20 FE Revealed on Company Site Ahead of Official Confirmation
Dirt 5 Release Date, PC System Requirements, Gameplay, Review, and More
Advertisement

Related Stories

iPhone 17e vs Google Pixel 10a: Price in India, Specifications Compared
3 March 2026
Apple Reportedly Considering Google’s Gemini Infrastructure for Advanced Siri Features
3 March 2026
Airtel Partners With Google to Offer AI-Powered Spam Protection for RCS Messaging in India
2 March 2026
Android 17 Beta 2 Released: Lets Users Create Bubble for Any App, Expands SMS OTP Protection
27 February 2026
Smartphones Launched in India (February 2026): Samsung Galaxy S26 Series, Google Pixel 10a, Vivo V70 Series and More
27 February 2026
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Apple MacBook 'Neo' Listed on Regulatory Website Before Imminent Launch
  2. Tecno Pop X Launched in India With 5,000mAh Battery, IP64 Rating: See Price
  3. Mike & Nick & Nick & Alice OTT Release Date: Know When and Where to Watch it Online
  4. Epson EpiqVision Mini EF-22N Review: A Premium Portable Laser Projector
  5. Tecno Megapad 2, Tecno Watch GT 1S and Tecno FreeHear 2 Debut at MWC 2026
#Latest Stories
  1. Apple MacBook Neo Reportedly Listed on Regulatory Site Hours Before Anticipated Launch
  2. Tecno Pop X Launched in India With 5,000mAh Battery, IP64 Rating: Price, Specifications
  3. Tecno Megapad 2, Tecno Watch GT 1S and Tecno FreeHear 2 Unveiled at MWC 2026: Availability, Features
  4. Mike & Nick & Nick & Alice OTT Release Date: Know When and Where to Watch it Online
  5. MediaTek Showcases AI Glasses at MWC 2026; Demonstrates Emergency Satellite Alerts With Starlink
  6. Devagudi Now Streaming Online: Where to Watch Intense Drama Online?
  7. Jab Khuli Kitaab OTT Release Date: When and Where to Watch Pankaj Kapur and Dimple Kapadia Starrer Romantic Drama Online?
  8. Apple Introduces M5 Pro, M5 Max Chips With New Fusion Architecture on 2026 MacBook Pro Models
  9. Apple Studio Display, Studio Display XDR With 27-Inch 5K Displays Launched in India: Price, Features
  10. Jockey Now Available for Streaming Online: Where to Watch This Tamil Action Movie Online?
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.