Home Software Windows 10 Jailbreak 0Day Vulnerability Revealed By Google Project Zero In Windows...

Windows 10 Jailbreak 0Day Vulnerability Revealed By Google Project Zero In Windows 10 .NET Framework

0
SHARE

Windows 10 is still in the focus of Google Project Zero. The project that had already revealed the first flaw in the Edge browser before Microsoft was able to patch has just revealed, under the same conditions, a new big vulnerability permitting a Windows 10 jailbreak to bypass apps lockdown.

Google Project Zero has also revealed a Microsoft Edge flaw in February

A few months ago the IT security specialists revealed a big security flaw in the Microsoft Edge browser, which allowed any malicious person to execute arbitrary code from a web page, making it possible to take full control over a computer.

Security researchers from Google Project Zero found a new 0day vulnerability in Windows 10

The flaw in Edge is actually related to a design problem and required “significant work” according to Microsoft.

The new vulnerability allows for elevation of privileges and the possibility of an attack.

This recently found 0day vulnerability allows an attacker to bypass Windows 10 Device Guard feature which is useful for the OS to lock presumably-malicious software and run only the whitelisted apps.

A .NET framework security flaw makes possible this Windows 10 jailbreak vulnerability

According to the experts, the bug is just one of several other vulnerabilities found within .NET Framework, which are not yet fixed by Microsoft.

As the specialists from Google Project Zero has demonstrated, it is still possible to bypass the Device Guard in Windows 10 and to allow any hacker to run code lines to gain access to Windows registry and several other important areas of the OS.

This new vulnerability revealed by Google Project Zero requires physical access to the computers running Windows 10, thus, a remote attack is not possible. Therefore, Microsoft is considering this 0day vulnerability in Windows 10 as “Important” but not “Critical”, so the fix for this bug is late to be released making possible a Windows jailbreak.