Share This Post

Patch Management / Patch Tuesday / Windows / Windows 10 / Windows 7

Microsoft’s Attempt to Fix a Windows Kernel Vulnerability in June Fails, Case Reopened

A flaw reported by Google to Microsoft in Windows 7 through Windows 10 was supposedly fixed during Patch Tuesday this month (June 2017). But, according to Google and confirmed by Microsoft, the patch did not fix the open hole. As such, Google has reopened the case…

Windows Kernel pool memory disclosure in nt!NtNotifyChangeDirectoryFile

According to Microsoft’s confirmation, customers shouldn’t expect a fix until July or August.

MSRC has indeed confirmed that the fix released on June Patch Tuesday is incorrect and doesn’t resolve the bug properly. As such, the vulnerability still reproduces on Windows 7-10 with the original proof-of-concept program. A revised fix is expected to be shipped in the July (7/11) or August (8/8) Patch Tuesday at the latest.

 


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!

IT/Dev Connections

Share This Post

Leave a Reply