Microsoft is very difficult to work with when it comes to patching vulnerabilities, he says

May 23, 2013 11:32 GMT

Google engineers are once again helping tech giant Microsoft resolve some critical security flaws in its products, this time affecting both Windows 7 and Windows 8.

Tavis Ormandy, who works as an Information Security Engineer at Google, has decided to fully disclose a flaw affecting Microsoft’s two newest operating systems that would allow attackers to obtain escalated privileges on an unpatched computer.

While Microsoft encourages security researchers who find vulnerabilities in its products to keep them private and work with the company on developing patches, Ormandy has decided to publish the details because he doesn’t have “the time to work on silly Microsoft code,” according to a report by The Verge.

This isn’t the first vulnerability found by Ormandy in Microsoft products, and it’s not unusual to see Google engineers work with the tech giant on fixing security flaws in Windows or Office.

But Ormandy says that Microsoft “treats vulnerability researchers with great hostility” and the company “is often very difficult to work with.”

While one could easily read this public disclosure as a response to the recent anti-Google campaigns launched from Redmond, it’s pretty clear that Microsoft needs to work with security engineers and develop patches that protect users and keep their data safe.

According to the same report, the tech giant is already aware of the vulnerability, so the company is currently looking into it, which means that a full patch could be released sometime in the near future.

Security company Secunia rates the flaw as “less critical” and confirms that it exists on both Windows 7 and Windows 8 computers.

“The vulnerability is caused due to an error within "win32k.sys" when processing certain objects and can be exploited to cause a crash or execute arbitrary code with the kernel privilege. The vulnerability is confirmed on a fully patched Windows 7 x86 Professional (win32k.sys version 6.1.7601.18126) and reported on Windows 8. Other versions may also be affected,” Secunia wrote.