This week, Google’s security team publicly disclosed a zero day flaw in Microsoft Windows. They actually found attackers exploiting this flaw, and a zero day Adobe Flash flaw, in the wild. They informed Microsoft and Adobe of the vulnerabilities over a week ago. Adobe already patched their Flash flaw, but Microsoft hasn’t had time to patch. Watch today’s video to learn more about the local sandbox escape vulnerability, and how to temporarily protect yourself from this attack. I also share my take on the drama between Google and Microsoft over this disclosure.
Episode Runtime: 4:28
Direct YouTube Link: https://www.youtube.com/watch?v=aayCa6whfvc
EPISODE REFERENCES:
- Google’s blog post on Microsoft and Adobe Flash zero day – Google Blog
- Google discloses zero day Microsoft flaw – Evening Standard
- Emergency Flash update – Adobe
- Microsoft claims Russian Hackers exploiting these zero days – Reuters
- Old article about Google researcher disclosing Microsoft zero day – The Verge
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply