Google publishes Windows vulnerability despite no fix from Microsoft

Google has openly published a Windows 8.1 vulnerability that allows low-level users to gain administrator privileges. The security flaw was revealed earlier this week despite one big problem: there’s still no fix from Microsoft. As such, the elevated privileges vulnerability remains a legitimate threat to some Windows customers. Google says it gave Redmond plenty of time to address the problem before the code went public on December 29th. It’s been 90 days since the security hole was filed as part of Google’s Project Zero initiative, which is dedicated to uncovering weaknesses in software before hackers can exploit them. Microsoft was told about the issue on September 30th, but so far hasn’t managed to resolve it with a Windows software…

Continue reading…

The Verge – All Posts

Leave a Comment