• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Google Project Zero Finds Windows Vulnerabilty, "Worst in Recent Memory"

Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Google's Project Zero has found yet another critical Windows Vulnerability, this time going so far as to call it "Crazy Bad" in a lone tweet by Google security researcher Tavis Ormandy. Tavis went on to elaborate that the vulnerability "works against a default install, [you] don't need to be on the same LAN, and it's wormable."

Sounds like the stuff of nightmares from a security perspective, right? The good news is Google's policy is to give companies 90 days to patch bugs like this before revealing the exploits details. The idea is to pressure developers to fix vulnerabilities before the reveal, so users remain protected and companies are forced to act rather than adopt a "wait and see" approach. Microsoft however, does not have the best follow-up reputation, having left at least two major security bugs unpatched for the entire 90-day security-flaw reveal window as recently as this year.



One would hope they are a little more expedient on this one, or we could see some massive computer software carnage, for lack of a better term.

UPDATE: This issue has been patched by Microsoft, and has been detailed to be a Remote Execution Vulnerability in Windows Defender. Needless to say, this is an update you don't want to miss. Microsoft should be praised for it's rapid response here.

https://technet.microsoft.com/en-us/library/security/4022344

Credit for pointing this out goes to acbluflame.

View at TechPowerUp Main Site
 
Last edited by a moderator:
Joined
Mar 4, 2015
Messages
261 (0.08/day)
I presume they do actually reveal what the problem is to the company in question, rather than say, "hey, you have a critical security flaw in your product, but we're not gonna tell ya what it is. You've got 90 days. Good luck!"
 
Joined
Feb 11, 2009
Messages
5,389 (0.98/day)
System Name Cyberline
Processor Intel Core i7 2600k -> 12600k
Motherboard Asus P8P67 LE Rev 3.0 -> Gigabyte Z690 Auros Elite DDR4
Cooling Tuniq Tower 120 -> Custom Watercoolingloop
Memory Corsair (4x2) 8gb 1600mhz -> Crucial (8x2) 16gb 3600mhz
Video Card(s) AMD RX480 -> ... nope still the same :'(
Storage Samsung 750 Evo 250gb SSD + WD 1tb x 2 + WD 2tb -> 2tb MVMe SSD
Display(s) Philips 32inch LPF5605H (television) -> Dell S3220DGF
Case antec 600 -> Thermaltake Tenor HTCP case
Audio Device(s) Focusrite 2i4 (USB)
Power Supply Seasonic 620watt 80+ Platinum
Mouse Elecom EX-G
Keyboard Rapoo V700
Software Windows 10 Pro 64bit
I presume they do actually reveal what the problem is to the company in question, rather than say, "hey, you have a critical security flaw in your product, but we're not gonna tell ya what it is. You've got 90 days. Good luck!"

yep thats how it works, the inform the company about it and its up to the company to spend time effort and money to fix it.
obviously a company does not want to spend time effort and especially money so yeah to pressure them this flaw will be revealed to the world in 3 months.

and while I support this method because it sadly seems necessary I find it interesting that there is not bs law or at least lawsuit against the practice of making the flaw public.
we have seen many ridiculous things being apparently against the law that handily protect humanity destroying crap like lobbyist etc, so yeah, this being an exception is welcome surprise, but a surprise non the less.
 
Joined
Mar 16, 2017
Messages
1,633 (0.64/day)
Location
Tanagra
System Name Budget Box
Processor Xeon E5-2667v2
Motherboard ASUS P9X79 Pro
Cooling Some cheap tower cooler, I dunno
Memory 32GB 1866-DDR3 ECC
Video Card(s) XFX RX 5600XT
Storage WD NVME 1GB
Display(s) ASUS Pro Art 27"
Case Antec P7 Neo
I think them publicizing it should depend on the response from the owner of the code. If this issue is "crazy bad," it might also take time to patch and test, especially if the details are not very extensive. Then there's the whole publishing a bad exploit that puts users at more risk. Even if users aware of the issue could take preventative measures, how many millions of others would be totally unaware and exposed? And how soon could the nefarious exploit it versus a counter measure being discovered and implemented? Lastly, isn't google also a company that doesn't always respond to known issues in their own code?
 
Joined
Aug 20, 2007
Messages
20,709 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
I presume they do actually reveal what the problem is to the company in question, rather than say, "hey, you have a critical security flaw in your product, but we're not gonna tell ya what it is. You've got 90 days. Good luck!"

Yes, they do.


This does not appear to be the same issue, it's severity is far lower than this issue report. Unless I am missing something.

UPDATE: No, you are right. Thanks, I will update the opening post.

Is funny because Google Chrome itself and Android are full of vulnerabilities :)

Really, all products are. Vulnerabilities of this grade are rare though. The last time the open source community had anything near this was the ShellShock incident.

Like I've said so many times, the end is nigh.

The end is always nigh. As long as it stays "nigh" and not "now" I'm happy.
 
Last edited:

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
40,435 (6.61/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Joined
Sep 15, 2011
Messages
6,457 (1.41/day)
Processor Intel® Core™ i7-13700K
Motherboard Gigabyte Z790 Aorus Elite AX
Cooling Noctua NH-D15
Memory 32GB(2x16) DDR5@6600MHz G-Skill Trident Z5
Video Card(s) ZOTAC GAMING GeForce RTX 3080 AMP Holo
Storage 2TB SK Platinum P41 SSD + 4TB SanDisk Ultra SSD + 500GB Samsung 840 EVO SSD
Display(s) Acer Predator X34 3440x1440@100Hz G-Sync
Case NZXT PHANTOM410-BK
Audio Device(s) Creative X-Fi Titanium PCIe
Power Supply Corsair 850W
Mouse Logitech Hero G502 SE
Software Windows 11 Pro - 64bit
Benchmark Scores 30FPS in NFS:Rivals
Is funny because Google Chrome itself and Android are full of vulnerabilities :)
Is so bad, that most of Financial companies are denying installation of Chrome on the company's stations.
Mine included ;)
 
Joined
Jan 29, 2012
Messages
6,401 (1.44/day)
Location
Florida
System Name natr0n-PC
Processor Ryzen 5950x/5600x
Motherboard B450 AORUS M
Cooling EK AIO - 6 fan action
Memory Patriot - Viper Steel DDR4 (B-Die)(4x8GB)
Video Card(s) EVGA 3070ti FTW
Storage Various
Display(s) PIXIO IPS 240Hz 1080P
Case Thermaltake Level 20 VT
Audio Device(s) LOXJIE D10 + Kinter Amp + 6 Bookshelf Speakers Sony+JVC+Sony
Power Supply Super Flower Leadex III ARGB 80+ Gold 650W
Software XP/7/8.1/10
Benchmark Scores http://valid.x86.fr/79kuh6
Joined
Jul 16, 2014
Messages
8,115 (2.29/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
you're wrong! the thigh is in the middle no where near the end. :kookoo::twitch:
 
Joined
Oct 22, 2014
Messages
13,210 (3.83/day)
Location
Sunshine Coast
System Name Black Box
Processor Intel Xeon E3-1260L v5
Motherboard MSI E3 KRAIT Gaming v5
Cooling Tt tower + 120mm Tt fan
Memory G.Skill 16GB 3600 C18
Video Card(s) Asus GTX 970 Mini
Storage Kingston A2000 512Gb NVME
Display(s) AOC 24" Freesync 1m.s. 75Hz
Case Corsair 450D High Air Flow.
Audio Device(s) No need.
Power Supply FSP Aurum 650W
Mouse Yes
Keyboard Of course
Software W10 Pro 64 bit
Joined
Dec 15, 2016
Messages
630 (0.24/day)
Is so bad, that most of Financial companies are denying installation of Chrome on the company's stations.
Mine included ;)

I´m using SRWare Iron for some time now and for the first time in my life I´m considering buying an apple product (Iphone), because Android malware got way out of control.
 
Joined
May 29, 2012
Messages
514 (0.12/day)
System Name CUBE_NXT
Processor i9 12900K @ 5.0Ghz all P-cores with E-cores enabled
Motherboard Gigabyte Z690 Aorus Master
Cooling EK AIO Elite Cooler w/ 3 Phanteks T30 fans
Memory 64GB DDR5 @ 5600Mhz
Video Card(s) EVGA 3090Ti Ultra Hybrid Gaming w/ 3 Phanteks T30 fans
Storage 1 x SK Hynix P41 Platinum 1TB, 1 x 2TB, 1 x WD_BLACK SN850 2TB, 1 x WD_RED SN700 4TB
Display(s) Alienware AW3418DW
Case Lian-Li O11 Dynamic Evo w/ 3 Phanteks T30 fans
Power Supply Seasonic PRIME 1000W Titanium
Software Windows 11 Pro 64-bit
Is so bad, that most of Financial companies are denying installation of Chrome on the company's stations.
Mine included ;)
But it's a statistically proven fact - at every Pwn2Own even - that Chrome is among the hardest, if not the hardest browser to exploit. Followed usually by Edge or some other heavily sandboxed browser (so this excludes Firefox).

That literally makes no sense.
 
Joined
Dec 15, 2016
Messages
630 (0.24/day)
Apart from the lack of customization/extensions/plugins (wich are a big deal if you ask me), Edge is already a much better browser than chrome imo. Not to mention that chrome is like an OS inside another OS. The thing is killing CPUs and Ram usage got beyond acceptable. You can almost max out 8gb ram with Windows 10 + chrome with 10 tabs. My GPU is warmer on chrome than in some games I play.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
40,435 (6.61/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Apart from the lack of customization/extensions/plugins (wich are a big deal if you ask me), Edge is already a much better browser than chrome imo. Not to mention that chrome is like an OS inside another OS. The thing is killing CPUs and Ram usage got beyond acceptable. You can almost max out 8gb ram with Windows 10 + chrome with 10 tabs. My GPU is warmer on chrome than in some games I play.

if you like that customization in phones just update the Android to the latest for yours.
 
Joined
Sep 17, 2014
Messages
20,775 (5.97/day)
Location
The Washing Machine
Processor i7 8700k 4.6Ghz @ 1.24V
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Gigabyte G34QWC (3440x1440)
Case Fractal Design Define R5
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse XTRFY M42
Keyboard Lenovo Thinkpad Trackpoint II
Software W10 x64
Is so bad, that most of Financial companies are denying installation of Chrome on the company's stations.
Mine included ;)

I work at a big name bank/insurance company and Chrome is the only browser besides IE11 right now that you can install, we even actively USE Chrome so we can test in a sandbox, and work in a sandbox, and 9 out of 10 times if we have service interruptions, accessing application through Chrome will show the most reliable results :p

So I would suggest you question the competence of your IT department over there, before you question Chrome's security :D The risk factor in my line of work is way too high and Chrome's sandbox is actually a big improvement over IE11 in terms of managing that risk. Keep in mind that the main reason for IE is because legacy applications run on IE and *may* not run on other browsers because they weren't built for that. Also, remember that building for IE was always the main cause for stagnation for any intranet based application in the workplace :) These days, companies want lean applications that can be browser independant.
 
Joined
Dec 30, 2010
Messages
2,082 (0.43/day)
Apart from the lack of customization/extensions/plugins (wich are a big deal if you ask me), Edge is already a much better browser than chrome imo. Not to mention that chrome is like an OS inside another OS. The thing is killing CPUs and Ram usage got beyond acceptable. You can almost max out 8gb ram with Windows 10 + chrome with 10 tabs. My GPU is warmer on chrome than in some games I play.

Close chrome fully once in a while, it will free up cache / used ram. As for the GPU, Chrome is using hardware acceleration which is normal.
 
Joined
Jan 10, 2011
Messages
1,301 (0.27/day)
Location
[Formerly] Khartoum, Sudan.
System Name 192.168.1.1~192.168.1.100
Processor AMD Ryzen5 5600G.
Motherboard Gigabyte B550m DS3H.
Cooling AMD Wraith Stealth.
Memory 16GB Crucial DDR4.
Video Card(s) Gigabyte GTX 1080 OC (Underclocked, underpowered).
Storage Samsung 980 NVME 500GB && Assortment of SSDs.
Display(s) LG 24MK430 primary && Samsung S24D590 secondary
Case Corsair Graphite 780T.
Audio Device(s) On-Board.
Power Supply SeaSonic CORE GM-650.
Mouse Coolermaster MM530.
Keyboard Kingston HyperX Alloy FPS.
VR HMD A pair of OP spectacles.
Software Ubuntu 22.04 LTS.
Benchmark Scores Me no know English. What bench mean? Bench like one sit on?
Then there's the whole publishing a bad exploit that puts users at more risk. Even if users aware of the issue could take preventative measures, how many millions of others would be totally unaware and exposed? And how soon could the nefarious exploit it versus a counter measure being discovered and implemented? Lastly, isn't google also a company that doesn't always respond to known issues in their own code?

Security through obscurity is bad, it's merely a delusion made up by lazy devs who can't be bothered being on call 24/7. Project Zero gives the software's developer up to three months to respond to issues before disclosing them in detail.


And as much as I am sceptic of this "Google is good" thing they keep repeating (or whatever they say), I don't recall an incident where Google refused or neglected to react to a severe issue with their products. Only two that come close are the [in]famous Android vulnerabilities, to which Google responded quickly enough but the issue remained because it was the OEMs' job to push the updates, and the Chrome memory and power consumption issues, which aren't security ones (and the former could be argued to be a system requirement).
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
UPDATE: This issue has been patched by Microsoft, and has been detailed to be a Remote Execution Vulnerability in Windows Defender. Needless to say, this is an update you don't want to miss. Microsoft should be praised for it's rapid response here.
So for those of us who don't use and remove[delete] Windows Defender, this was and is non-issue.

Is funny because Google Chrome itself and Android are full of vulnerabilities :)
Name ONE unpatched vulnerability in Android or Chrome. Just one..

With that challenge I'm calling BS. Google is nearly legendary for fixing security problems quickly. If you're going to try making funny quips, make sure they're backed by fact.

I´m using SRWare Iron for some time now and for the first time in my life I´m considering buying an apple product (Iphone), because Android malware got way out of control.
OORR, and I'm going to go out on a limb here, you could try to use your Android device for something OTHER than visiting "ishouldntbehere dot com". Perhaps a firewall is in order? Do you know what a firewall is and how to use it? And just FYI there bucko, iOS has vulnerabilities too. And Apple is just as swift at fixing them as Google.

Apart from the lack of customization/extensions/plugins (wich are a big deal if you ask me), Edge is already a much better browser than chrome imo. Not to mention that chrome is like an OS inside another OS. The thing is killing CPUs and Ram usage got beyond acceptable. You can almost max out 8gb ram with Windows 10 + chrome with 10 tabs. My GPU is warmer on chrome than in some games I play.
Again either your computing ethic needs massive improvement, or you're on drugs. I'm a Firefox fan, but Chrome is easily it's best competitor. While Edge is ok, It's not open source and therefore not trustworthy. And Chrome kicks Edge in the "jelly-beans" performance wise. If you want to be taken seriously, you need to sound less like a fan-boy..
 
Last edited:
Joined
Dec 15, 2016
Messages
630 (0.24/day)
So for those of us who don't use and remove[delete] Windows Defender, this was and is non-issue.


Name ONE unpatched vulnerability in Android or Chrome. Just one..

With that challenge I'm calling BS. Google is nearly legendary for fixing security problems quickly. If you're going to try making funny quips, make sure they're backed by fact.


OORR, and I'm going to go out on a limb here, you could try to use your Android device for something OTHER than visiting "ishouldntbehere dot com". Perhaps a firewall is in order? Do you know what a firewall is and how to use it? And just FYI there bucko, iOS has vulnerabilities too. And Apple is just as swift at fixing them as Google.


Again either your computing ethic needs massive improvement, or you're on drugs. I'm a Firefox fan, but Chrome is easily it's best competitor. While Edge is ok, It's not open source and therefore not trustworthy. And Chrome kicks Edge in the "jelly-beans" performance wise. If you want to be taken seriously, you need to sound less like a fan-boy..

Sound like a fanboy? Do you even know what you saying? I use Android and google chrome for years. You are telling me that Android only gets malware if you visit websites that you shouldn´t, so let me tell you that even on the play store you can download apps that contain malware, what about that? Android is the easiest OS ever, next to Windows XP, where it is so easy to remote control/view without you even knowing what´s going on. I am a experienced user and I still had problems already with Android and that´s why I don´t keep any important information there, I don´t trust it. From facebook spam scripts to trojans, you can get anything in any app on the store. You never know, the quality control is awful and the breaches are huge.

As for chrome are you kidding me? How many extensions are full of worms and malware? Do you live in this world? And sure if you don´t install any you are safe. FML if you don´t use computers or phones at all you are safe.
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
Sound like a fanboy? Do you even know what you saying?
Yes, and to that I'm going to add the following; clueless.
I use Android and google chrome for years.
Just because you've used something for years does not mean you are an expert in it's functioning or use. Example; Lots of people know how to drive, but not everyone can be a race driver. Just because you USE a software platform doesn't make you an expert of it. I code on Android and make part of my living securing it and all the other platforms that cross my path. While I don't profess to know everything, I know enough to recognize an average user trying to play expert. More on that below.
You are telling me that Android only gets malware if you visit websites that you shouldn´t, so let me tell you that even on the play store you can download apps that contain malware, what about that?
I never said "only". However my statements above were in reference to vulnerabilities in the OS and web browser. I made no reference to malware actively downloaded by the user. This is an example of you misunderstanding the context of the article and underlying discussion of it.
Android is the easiest OS ever, next to Windows XP, where it is so easy to remote control/view without you even knowing what´s going on.
Wow. Ok. If you say so..
I am a experienced user and I still had problems already with Android and that´s why I don´t keep any important information there, I don´t trust it.
"Experienced" does not equal "expert in security". And what you're really saying is that you do not have enough real experience pertaining to the context of this discussion.
From facebook spam scripts to trojans, you can get anything in any app on the store. You never know, the quality control is awful and the breaches are huge.
More evidence you do not understand the context of the article, nor this discussion.
As for chrome are you kidding me? How many extensions are full of worms and malware? Do you live in this world? And sure if you don´t install any you are safe. FML if you don´t use computers or phones at all you are safe.
No, I'm quite serious. And again, just wow..
Even a simple flashlight app
I challenged you to post an known unpatched vulnerability in Android or Chrome and you post video about a malicious app.. Newsflash for you, this doesn't quality.

So I'm going to redirect your question back to you. What planet are YOU on?
 
Last edited:
Joined
Dec 15, 2016
Messages
630 (0.24/day)
I showed you at least one clear recent example (from yesterday news). What did you do? Quote every sentence and call other users "clueless" and "fanboys"? GG

Talking about fanboyism.....
 
Top