Items tagged with 0-day

Earlier this week, Microsoft confirmed a “new” 0-Day remote code execution vulnerability within Exchange Servers. While it isn’t necessarily new in the family of Proxy-Exploits, critical infrastructure is still being attacked now, and hundreds of thousands of servers are potentially vulnerable to this issue, so patch... Read more...
Issues within Chromium, the engine behind Google Chrome and Microsoft Edge, have been popping up left and right lately. That trend is not set to end any time soon, it seems, as a new zero-day Chromium vulnerability has been found with a working proof of concept posted to GitHub. Yesterday, Twitter user Frust posted... Read more...
Google’s Project Zero team, which is tasked with discovering 0-day vulnerabilities, has uncovered an exploit in the Windows kernel that can lead to sandbox escape or privilege escalation. The bug, given CVE-2020-17087, is of the buffer overflow type in the Windows Kernel Cryptography Driver (CNG.sys) and is being... Read more...
Zero-day exploits are a nightmare for end-users and vendors alike as both groups have to scramble to patch and resolve problems. Today, Microsoft got tagged with one of the worst types of disclosures -- not only is there a vulnerability in every single shipping version of Windows, the vulnerability has been exploited... Read more...