Thursday, November 3, 2016

Google’s Disclosure Makes Microsoft Unhappy





Google has started a new dispute by publishing details of a critical vulnerability in Windows, and that has angered Microsoft. Google said that it reported the bug to Microsoft 10 days ago but that the company did nothing to address the issue.

In its official Security Blog, Google wrote:

"After seven days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released."

Google confirmed that it repaired the vulnerability for its Chrome users, and Adobe issued an update for Flash last week.

Google describes the vulnerability, CVE-2016-7855, as:

“A local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome's sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.”

Microsoft expressed its anger in the following statements:

"We believe in coordinated vulnerability disclosure, and today's disclosure by Google could put customers at potential risk,"

“We disagree with Google's characterization of a local elevation of privilege as 'critical' and 'particularly serious,' since the attack scenario they describe is fully mitigated by the deployment of the Adobe Flash update released last week. Additionally, our analysis indicates that this specific attack was never effective in the Windows 10 Anniversary Update due to security enhancements previously implemented."

This is not the first time Google has exposed a bug in a Microsoft product. In 2015, Google published a bug report 90 days after informing Microsoft.

Microsoft’s Chris Betz said at the time, “The decision feels less like principles and more like a ‘gotcha’, with customers the ones who may suffer as a result. What’s right for Google is not always right for customers.”
