Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that’s being actively exploited in the wild. The security team made the details public following a seven-day disclosure deadline because of evidence that it’s under active exploitation. The exploit chain requires linking CVE-2020-17087 with another Chrome browser zero day that was fixed by Google last week. The vulnerability is “not related to any US election-related targeting,” Google’s Project Zero’s Ben Hawkes said.
Source: https://thehackernews.com/2020/11/warning-google-discloses-windows-zero.html