'Google security researchers have found the worst Windows remote code exec in recent memory'

Two Google security researchers have found a very critical leak in Windows that allows attackers to remotely execute code on the affected system. The vulnerability was discovered by Natalie Silvanovich and Tavis Ormandy from Google's Project Zero, a team of hackers that tries to find vulnerabilities in widely used software in order to protect internet users.

ADVERTISEMENT

Ormandy tweets that the vulnerability is, "the worst Windows remote code exec in recent memory. This is crazy bad". In another tweet he added, "attack works against a default install, don't need to be on the same LAN, and it's wormable."

While Ormandy and Silvanovich don't provide many more details, they have announced to release a report with details later. This will likely be in about 3 months, as it's Google policy to give software vendors a 90 day security disclosure deadline to patch their products and disclose it to the public.

Earlier this year Google's Project Zero also disclosed unpatched vulnerabilities in Windows.

ADVERTISEMENT

No posts to display