News

Google Project Zero Finds “Crazy Bad” Windows Exploit

Google’s bug-hunting team has exposed a serious exploit in Windows 10. A member Project Zero, a group of security analysts that searches for zero-day vulnerabilities, disclosed its existence on Twitter on Monday (8th May). A Google researcher described the security flaw as “crazy bad” and “the worst Windows remote code exec in recent memory.”

“I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way,” tweeted Project Zero researcher. “Attack works against a default install, don’t need to be on the same LAN, and it’s wormable,” he added.

Project Zero has not publicly disclosed the nature of the vulnerability but has presumably notified Microsoft. Today’s monthly Windows Update may even include a patch for it.

Google Has a History of Exposing Windows Vulnerabilities

Google has made a habit of whistleblowing on Windows exploits. Earlier this year, Project Zero exposed a number of serious security issues with Windows 10: three within the space of a month. Project Zero gave Microsoft ample notice – 90 days, as per its policy – to fix the problems before the Google team went public.

Microsoft was none too happy with Google’s disclosure, explaining that public exposure of bugs is bad for users.

“We believe in coordinated vulnerability disclosure, and we’ve had an ongoing conversation with Google about extending their deadline since the disclosure could potentially put customers at risk,” a Microsoft spokesperson told Ars Technica. “Microsoft has a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible.”

Ashley Allen

Disqus Comments Loading...

Recent Posts

Plaion Launches Retro ZX Spectrum Computer

Plaion, a leading video game publisher, and Retro Games Ltd., a specialist in reimagined classic…

1 day ago

NVIDIA Warns of GeForce RTX 40 Graphics Card Shortages in November and December

During the latest earnings call, NVIDIA CFO Colette Kress warned of a potential GPU supply…

1 day ago

GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070 Reportedly Coming in Q1 2025

Chinese sources say the GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070…

1 day ago

GTA 6 Already Winning Awards Before Its Launch

GTA 6 doesn’t have an official release date yet, but it has already earned a…

2 days ago

DJI Osmo Mobile 6, 3-Axis Phone Gimbal

Stay on Point with ActiveTrack 6.0 - With upgraded tracking tech, OM 6 sticks to…

2 days ago

Drayton Wiser Smart Radiator Thermostat TRV

Pack includes three Wiser Radiator Thermostats. These smart radiator thermostats are only designed to work…

2 days ago