Windows kernel vulnerability is exploited in targeted attacks, according to Project Zero
Google's oday bug-hunting team Project Zero has stated that a zero-day elevation of privileges vulnerability has been spotted in Windows kernel and is already being abused in targeted attacks.
The flaw is tracked as CVE-2020-17087.
The Windows kernel bug can be exploited by local attackers for privilege escalation.
Project Zero has provided a proof-of-concept exploit that can be used to crash vulnerable Windows systems disregard their configurations.
Read more...