As computer security grows more and more complex, companies are finding new ways to tackle the issues of security, privacy, hacking, and more. On Friday, Google came out and announced a fix to a Windows 8.1 vulnerability, which was announced before Microsoft could fix it, which is a positive and negative.
Microsoft generally pushes updates to Windows on a regular cycle, but when a manufacturer the size of Google notices it hasn’t been fixed quickly, it takes action. It published the exploit along with its fix, and Microsoft has responded by alerting users and its points towards Project Zero.
Who Is Project Zero?
Project Zero is a group within Google, and their goal is to tackle computer security. They found this vulnerability within Microsoft, and found this Windows 8.1 security hole. This security hole alowed lower-level users to become administators, giving them access to server functions and their higher uses.
Microsoft pointed out that this whole thing was a very lower-level bug, and that the attackers would need valid logon credentials to log on to the targeted machine. Microsoft stated that this bug was reported to Microsoft on September 30 and a 90-day deadline statement, and this time passed when Google posted it.
Microsoft sees this Project Zero team as both a positive and a negative. They see that they had 90 days to fix this problem, but hadn’t for various reasons. They and Google are natural combative enemies in the tech space, but Microsoft still needs enough time to fix it on their own, according to them.
Microsoft has stated that they are working on a patch to release as a security update to address an Elevation of Privlege issue. This might be coming soon or might be at a later date, but either way, they are aware of the issue. It is something that needs to be fixed in Windows 8.1 soon though.
Windows 8.1 has flaws and sometimes other people find them. In this case, Google found them.