Microsoft Will Patch Zero-Day Flaw Found by Google

Healthcare Info Security

Jeremy Kirk

Microsoft plans to patch on Nov. 10 a zero-day kernel vulnerability found by Google's Project Zero bug-hunting team.

On Friday, Google publicly released the details of the vulnerability, CVE-2020-117087. Google normally gives 90 days' notice before releasing details of code vulnerabilities, but this bug marked an exception.

"We have evidence that the following bug is being used in the wild," according to Project Zero's writeup. "Therefore, this bug is subject to a 7-day disclosure deadline."

The privilege escalation bug creates...

Get the Morning Update

Thanks for subscribing!