Google Discloses Targeted Exploit Found in Windows That Gave Hackers Administrator Access to System

Google’s Project Zero team’s technical lead said that Microsoft is expected to release a patch on November 10.

Advertisement
By Vineet Washington | Updated: 3 November 2020 12:07 IST
Highlights
  • Google has disclosed a targeted exploit found in Windows
  • The vulnerability was present since Windows 7
  • Google patched Chrome on October 20

Google has already patched the bug in Chrome

Google has disclosed a vulnerability with Windows Kernel Cryptography Driver that is being exploited to gain access to the target system. This vulnerability works alongside a Google Chrome flaw and according to a report, has only been spotted in conjunction with the Chrome vulnerability. Google patched Chrome and other Chromium based browsers starting October 20 but Microsoft is expected to release a patch on November 10. This is a targeted exploit and not widespread, which means not all users will be affected by it.

The Windows Kernel Cryptography Driver vulnerability CVE-2020-17087 has been disclosed by Google's Project Zero team after a seven-day disclosure deadline, as it was being used in the wild. This kind of vulnerability can be used to exploit privilege escalation. It is being used in tandem with a Google Chrome flaw (CVE-2020-15999) to gain access to a target system. Following that, the CVE-2020-17087 vulnerability can give the attacker administrator access to the target. While Google patched the flaw in Chrome on October 20, Microsoft is expected to release a patch on November 10, according to Project Zero team technical lead Ben Hawks on Twitter.

The Windows Kernel Cryptography Driver vulnerability has been found to be present ever since Windows 7 but was tested in an up-to-date Windows 10 1903 (64-bit) build. Director of Google's Threat Analysis Group, Shane Huntley, has also confirmed that this is a targeted exploitation and is not related to US election-related targeting. Since it is targeted, not all Chrome and Windows users will be affected, as per a report by HelpNetSecurity.

Advertisement

The report also states that a Microsoft spokesperson shared that exploitation of the vulnerability has only been seen in tandem with the Chrome vulnerability that was patched on October 20. Other Chromium based browsers like Opera and Microsoft Edge were patched on October 21 and October 22, respectively.

Advertisement

Is OnePlus 8T the best 'value flagship' of 2020? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

 

Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Google, Microsoft, Windows 10, Windows 7, Google Chrome
Samsung Galaxy Note 20 FE Revealed on Company Site Ahead of Official Confirmation
Dirt 5 Release Date, PC System Requirements, Gameplay, Review, and More
Advertisement

Related Stories

Google Photos 2025 Recap Rolls Out With Your Most Memorable Photo and Video Moments
3 December 2025
Google Pixel Phones Get AI Notification Summaries, New Parental Controls With Android 16 QPR2 Update
3 December 2025
Circle to Search Update Adds Spam Detection; Google Brings Urgent Call Notes, New Emoji to Android
3 December 2025
Google Expands Its AI-Powered Virtual Apparel Try On Tool to India
3 December 2025
Gemini App to Get a Major Design Upgrade, Could Soon Be Launched on macOS
2 December 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Here's How Much the Samsung Galaxy Z TriFold May Cost in India
  2. OnePlus Ace 6T With Massive 8,300mAh Battery Launched at This Price
  3. iPhone 16 Price Drops Under Rs. 63,000 on Croma With Bank Discounts
  4. Vivo X300 Pro Review: Flagship Mobile Photography. Redefined.
  5. Mrs Deshpande OTT Release: When, Where to Watch Madhuri Dixit's Serial Killer Mystery
  6. Redmi 15C 5G India Launch Today: Everything You Need to Know
  7. Redmi 15C 5G Launched in India With These Specifications
  8. Samsung's One UI 8.5 Changelog Leak Hints at Imminent Beta Release
  9. Poco C85 5G With a 6,000mAh Battery Will Launch in India on This Date
#Latest Stories
  1. Motorola Edge 70 India Launch Date Leaked; Indian Variant Said to Feature Bigger Battery, Slim Design
  2. UK to Recognise Crypto as Property After Lawmakers Approve Landmark Bill
  3. Dyson HushJet Purifier Compact Launched in India With Electrostatic Filter, AQI Indicator, New HushJet Nozzle Design
  4. Samsung's One UI 8.5 Changelog Leak Hints at Imminent Beta Release
  5. AWS Unveils Frontier AI Agents for Enterprises, Can Operate for Days Without Intervention
  6. Government Says Sanchar Saathi App Optional, Can Be Removed; Apple Reportedly Plans to Oppose Mandatory Installation
  7. Government Removes Sanchar Saathi Pre-Installation Mandate After Pushback
  8. OnePlus Ace 6T Launched With 8,300mAh Battery, Snapdragon 8 Gen 5 SoC: Price, Specifications
  9. ChatGPT Could Soon Be Integrated With Apple Health App: Report
  10. Apple's Foldable iPhone Reportedly at Pre-Production Stage, Might Feature Vapour Chamber Cooling
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.