New Windows 10 Zero Day Vulnerability Can Let Hackers Seize Control Of Your Pc
According to GPZ, CVE-2020-17087 is a vulnerability in the Windows Kernel Cryptography Driver and, “constitutes a locally accessible attack surface that can be exploited for privilege escalation (such as sandbox escape)”. What that means in essence is that it might allow an attacker to trigger a pool-based buffer overflow, leading to a system crash, thereby enabling possible exploitation. “The bug resides in the cng!CfgAdtpFormatPropertyBlock function and is caused by a 16-bit integer truncation issue“, said the Project Zero team....