google researcher | Breaking Cybersecurity News | The Hacker News

A Google security researcher, ' James Forshaw ' has discovered a privilege escalation vulnerability in Windows 8.1 that could allow a hacker to modify contents or even to take over victims' computers completely, leaving millions of users vulnerable. The researcher also provided a Proof of Concept (PoC) program for the vulnerability. Forshaw says that he has tested the PoC only on an updated Windows 8.1 and that it is unclear whether earlier versions, specifically Windows 7, are vulnerable. Forshaw unearthed the bug in September 2014 and thereby notified on the Google Security Research mailing list about the bug on 30th September. Now, after 90 days disclosure deadline the vulnerability and Proof of Concept program was made public on Wednesday. The vulnerability resides in the function AhcVerifyAdminContext , an internal function and not a public API which actually checks whether the user is an administrator. "This function has a vulnerability where i

Google and Microsoft are at each other's throats again. In a recent statement, Microsoft says hackers have been actively exploiting a vulnerability that was publicly disclosed by a Google researcher,  Tavis Ormandy . Microsoft addressed the vulnerability in its monthly " Patch Tuesday " package of fixes for July. Tavis Ormandy revealed the vulnerability in Windows 7 and 8 allows local users to obtain escalated privileges , making it easier for a hacker to compromise a system. Ormandy has been criticized by Microsoft and some in the security community who subscribe to the practice that a vulnerability shouldn't be made public until a software maker has an opportunity to fix it. Ormandy said that Microsoft " treat vulnerability researchers with great hostility " and are " often very difficult to work with ". He also advised researchers to use pseudonyms when dealing with the software giants. In 2012, Tavis accused Sophos of " poor development practices

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo