Google Project Zero researchers find ‘crazy bad’ Windows RCE flaw
A remote code execution (RCE) vulnerability is about as bad as it gets. And if it is in Windows, then a multitude of people are at risk until it is patched.The question is, though, if the existence of a critical flaw is disclosed shortly before Patch Tuesday, will Microsoft scramble to immediately close that hole or will the company sit on it and wait out the 90-day disclosure deadline? We will find out tomorrow on Patch Tuesday if Microsoft took immediate action to close a “crazy bad” RCE flaw in Windows that was discovered by Google’s zero-day finders.On the cusp of the weekend, Google Project Zero researcher Tavis Ormandy sent out an alarming tweet. He and fellow Project Zero researcher Natalie Silvanovich had discovered not just an RCE in Windows, but the “worst Windows remote code exec in recent memory.” He went so far as to call it “crazy bad.”To read this article in full or to leave a comment, please click here