Microsoft patched Windows vulnerability revealed by Google2016-11-08 16:52 by Daniela
Tags: Microsoft, Windows
Microsoft has patched a critical Windows vulnerability which was recently discovered by Google. According to Google, hackers were already actively exploiting the flaw.
"It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD," Google's Neel Mehta and Billy Leonard said in their disclosure.
The fix is part of the monthly security patches that Microsoft releases.
"Microsoft implemented new exploit mitigations in the Windows 10 Anniversary Update version of the win32k kernel component," Microsoft said in its bulletin, MS16-135. "These Windows 10 Anniversary Update mitigations, which were developed based on proactive internal research, stop all observed in-the-wild instances of this exploit."
Read more -here-