Google’s Project Zero reveals a vulnerability in Windows after Microsoft failed to patch it in time

2 min. read

Published onFebruary 18, 2017

published onFebruary 18, 2017

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Google’s Project Zero has found a vulnerability in Windows 10, and they’vetaken it upon themselves to expose it. The vulnerability lies in the gdi32.dll file that is used by a significant amount of programs. To go over the gritty technical details would be overkill, but if you’re the sort of person who can comb through programming jargon, you’re free toread the full report here.

For those who don’t know, Google’s Project Zero is a group in Google dedicated to identifying zero day vulnerabilities in the hopes that they can find them before truly malicious people can. In the event that Project Zero finds a vulnerability, they report it to the software manufacturer and give them 90 days to fix the issue. If the issue isn’t fixed in that time frame, Project Zero will make the report publicly available so that users can protect themselves.

Microsoft hasn’t yet commented on the now-public report of the exploit, so we aren’t sure when a fix is coming. It’s entirely possible that the fix could have been on its way in this month’s Patch Tuesday, but that patch has beendelayed to March 14th.

This exploit isn’t particularly nasty, so – in theory – you shouldn’t have to worry too much about it. Hopefully, the hole will be plugged sooner rather than later so we can all feel a bit better about our safety on Windows 10.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Radu Tyrsina

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Google’s Project Zero reveals a vulnerability in Windows after Microsoft failed to patch it in time#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Google’s Project Zero reveals a vulnerability in Windows after Microsoft failed to patch it in time