Category Archives: Google Project Zero

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC).A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back

Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws

Google's cybersecurity researchers have finally disclosed details and proof-of-concept exploits for 4 out of 5 security vulnerabilities that could allow remote attackers to target Apple iOS devices just by sending a maliciously-crafted message over iMessage.All the vulnerabilities, which required no user interaction, were responsibly reported to Apple by Samuel Groß and Natalie Silvanovich

Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs

Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge.The Facetime bug (CVE-2019-6223) was discovered by 14-year-old Grant Thompson of Catalina Foothills High School while he was

New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD Affected

Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple.Variant 4 comes weeks after German computer magazine Heise reported about a set of eight Spectre-class vulnerabilities in Intel CPUs and a small number of ARM processors, which may