GOOGLE has found that the Windows 10 Edge and Internet Explorer 11 has now been exposed to a severe web security vulnerability that aids the hackers to strike the browsers while they can execute malware code from remote and gain access to victim’s system to cause a huge security breach.
Project Zero, is a team of security analysts who work to identify and examine zero day vulnerabilities. By this way, the team has identified that Microsoft is exposed to a zero day vulnerability, through an infection in the gdi32.dll file in the Windows OS. The Google Project Zero Security division identified the flaw and declared the same to Microsoft on a private note back in 2016.
As a part of The Google Project Zero Policies, once the bug or the vulnerability has been identified, it is instantly reported to the technology companies and so the bug has to be fixed in about 90 days. If the flaw has not been looked upon and if the security issue is not been fixed within the time span of 90 days, Google, adhering to its policies, unveils the bug report automatically and is made visible to the public.
The Project Zero Team experts have warned the organization and categorized the security flaw as “High Severity” as it permits hackers to execute arbitrary code from remote.
Microsoft, however, has not taken any further action and the cyber world is not sure as to when there would be a patch fix for the existing zero day vulnerability.
The security flaw has been found to be the loop hole for the hackers to detour even the most advance sandboxing mechanism that is implemented in the Windows32K system. Google said, Even after reporting the issue to the Microsoft, the software firm is yet to take initiative in fixing the issue.
The vulnerability is a serious issue that the hackers are in the round about to exploit the best out of it and attack the Microsoft user victims bringing in a security breach at large.