Google Project Zero

Google Project Zero team discloses a "high severity" flaw discovered in macOS kernel

The macOS kernel flaw grants the attacker to modify a mounted filesystem without user's knowledge

Intel failed to inform US cyber officials about Meltdown and Spectre vulnerabilities until it got leaked to the public

Officials claimed the government was not informed of the flaws before they became public because the flaws potentially held national security implications.

Critical bugs in uTorrent allow malicious websites to steal downloaded files and control your computer

Users will have to wait till an updated version is available. We would advise all you pirates out there to stop using the app till patches are in place.

Cloudflare memory leak dumps unknown quantity of sensitive, unencrypted data online

Web hosting provider Cloudflare has reported that a memory leak from their servers leaked a great deal of sensitive information, including passwords and cookies, in plain text.

Project Zero by Google finds a host of severe vulnerabilities in Symantec's security suites

Tavis Ormandy, a security analyst on the Project Zero team recently had a go at Symantec’s cyber-security offerings (this includes Norton by Symantec) and discovered that almost all the offerings had such severe vulnerabilities that they could “compromise the entire enterprise fleet” and worse.

After rift with Microsoft, Google to give vendors 14 day grace period to fix security flaws

Google has said it would give vendors a 14-day grace period if they promised to release a patch and fix the issue within two weeks.

Microsoft slams Google for disclosing Windows 8.1 security bug two days before it planned the fix

Microsoft has criticized Google for disclosing the Windows 8.1 security bug out in the public just before it was going to fix it.

Google posts unpatched vulnerability before Microsoft fixes it

Google has openly published a Windows 8.1 vulnerability that gives low-level users administrator rights.