Google has revealed details about a flaw in Microsoft Edge browser after Microsoft missed the deadline for fixing it. Google had previously notified Microsoft about the vulnerability in the browser via Project Zero, giving them the usual 90-day disclosure deadline.
More About the Unfixed Microsoft Edge Vulnerability
The report was about a bug in Edge’s Arbitrary Code Guard feature, and was released back in November. It should be noted that Google gave extra time to Microsoft – an additional two weeks on request – but despite the extra time the flaw is still existent in Windows 10.
Aqui está o descrição oficial of the bug:
If a content process is compromised and the content process can predict on which address JIT process is going to call VirtualAllocEx() Próximo (Nota: it is fairly predictable), content process can:
1. Unmap the shared memory mapped above above using UnmapViewOfFile()
2. Allocate a writable memory region on the same address JIT server is going to write and write an soon-to-be-executable payload there.
3. When JIT process calls VirtualAllocEx(), even though the memory is already allocated, the call is going to succeed and the memory protection is going to be set to PAGE_EXECUTE_READ.
Wait for March 2018 patch Tuesday
Como mencionado no início, Google gave Microsoft two additional weeks after the latter said it needed more time as the issue was more complex than initially thought. Contudo, Microsoft missed the second deadline and Google went public. janelas 10 users who are running the Microsoft Edge browser should wait for March 2018 Patch Tuesday for a fix.