Please include this statement paragraph when reproducing or transferring this advisory.
NSFOCUS reserves all the rights to modify and interpret this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS does not provide any commitment or promise on this advisory. This advisory is only used to describe a potential risk. Google will release updated information related to this vulnerability on the following link: Therefore, users are advised to update to Windows 10 and apply patches once available. Users of Google Chrome should upgrade the browser to a secure version as soon as possible.Īccording to researchers from Google, before Microsoft releases a fix, the vulnerability in Windows can still be used for privilege escalation or used along with vulnerabilities in other browsers for sandbox escape.
According to Google, the vulnerability in Windows only affects 32-bit Windows 7 systems.The vulnerability in Chrome affects Chrome browsers that are not the latest on all platforms (Windows, Mac OS, and Linux).According to Google, this local privilege escalation vulnerability could be exploited together with the vulnerability (CVE-2019-5786) in Google Chrome announced last week, to take control of the machine of the victim.įinding this vulnerability exploited in the wild, Google decided to release this vulnerability to alert users.Ĭurrently, Google Chrome has pushed an automatic update to fix the vulnerability (CVE-2019-5786) and Windows is still preparing the related vulnerability patch.įor details, please click the following link: On March 7 (local time), Google released a security advisory to announce the existence of a Microsoft Windows vulnerability.
0 kommentar(er)
