Google's Project Zero security team has publicly disclosed multiple flaws in certain Linux kernels and distros following Red Hat's inability to fix them within the 90-day deadline assigned by Google.
Google project zero RSS
Google's Project Zero team has publicly exposed a high severity flaw related to how Chrome OS handles USB authentication when a device is locked. It's unclear as to when a fix will be available.
_medium.jpg)
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too.
Linux is a lot safer than Windows, macOS, and others because open-source programmers are racing to fix security vulnerabilities in record time, claim security researchers at Google's Project Zero.
_medium.jpg)
In this week's recap of everything that happened in the Microsoft-verse in the past few days, we have news related to a lot of Windows 11 leaks, a bunch of Teams upgrades, and some security insights.
Google's Project Zero team has shared some interesting stats regarding its findings for the past couple of years today. Interestingly, it found the most security issues in Microsoft products.
Google Project Zero has disclosed yet another Windows vulnerability that can lead to elevation of privilege. Microsoft had initially stated that it would not resolve it, but is now working on a fix.
Google's Project Zero team has disclosed yet another elevation of privilege exploit present in Windows given Microsoft's inability to properly fix it in the given 90 days time frame.
"Half-double" is a Rowhammer exploit which grants access to wider memory addresses on newer DRAM chips. Malicious code can potentially take control of the full system through this hardware bypass.
Malicious actors, reportedly from North Korea, are targeting security researchers with social engineering attacks using fake social media accounts, exploit claims, and injected malware.
Following multiple delays from Microsoft, Google's Project Zero security team has disclosed yet another high severity security flaw in Windows. If exploited, it can cause elevation of privilege.
Following a botched fix by Qualcomm which caused a new kernel privilege escalation bug, Google Project Zero has publicly disclosed details of a high severity security flaw in the Adreno GPU driver.
The "high" severity security flaw in GitHub publicly disclosed by Google's Project Zero team earlier this month has finally been patched. The security team has validated the fix and closed it.
Google's Project Zero team has disclosed a "high" severity security flaw in GitHub following the latter's inability to provide a fix in the 104 days - which includes a grace period - allotted to it.
Google's Project Zero team has publicly revealed yet another security flaw in Windows which allows elevation of privilege, claiming that Microsoft's fix is incomplete and does not resolve the issue.
The California-based firm slated Google's Project Zero for misrepresenting the scale and time period of the attack, and ensured customers that the vulnerability had already been fixed months back.
Google has revealed some discoveries made by its Project Zero team, indicating that attackers were targeting iPhone users over at least two years using security flaws fixed by Apple in February.
New variants of Spectre have been discovered by Microsoft and Google, which allow attackers to read privileged data. While mitigations will be available soon, they will result in a performance hit.
Despite Microsoft's repeated requests for an extension to the standard 90-day disclosure deadline, Google has gone on to reveal a "medium" severity flaw in systems with UMCI, such as Windows 10 S.
Google has exposed a "high" severity issue in Windows 10 version 1709, which allows the elevation of privilege by arbitrarily changing a file's security descriptor, but it can't be done remotely.
After Microsoft's failure to fix a flaw in its Edge browser in the allotted time, Google has publicly disclosed the bug - which allows bypassing Edge's ACG and creating an executable page in memory.
