Russian hacking group exploiting 0 day vulnerability in Windows – Microsoft

Microsoft will issue a patch on November 8.

Microsoft Corp has said a hacking group previously linked to the Russian government is behind recent cyberattacks that exploited newly discovered vulnerabilities in Windows.

In an advisory on its website, Microsoft has said a small number of attacks have made use of “spear phishing” emails, all of which originate from a hacking group known as Strontium, alias “Fancy Bear,” also known as APT 28.

Microsoft did not identify any victims.

Microsoft’s disclosure, and its linking of the attacks to Russia, comes in the wake of Washington accusing Moscow of launching a hacking campaign aimed at disrupting and discrediting the upcoming U.S. elections.

Last month, the U.S. government formally blamed the election-season hacks of the Democratic Party on the Russian government. Material from the hacks on the party’s email server was leaked via WikiLeaks and others. Russia has denied these accusations.

Microsoft has disclosed that it will patch these new vulnerabilities through an update scheduled for release on November 8.

It is not clear whether these vulnerabilities have been exploited in any other way in recent history.

Representatives of the Department of Homeland Security and the FBI could not immediately be reached for comment.

According to a U.S. intelligence expert on Russian cyber activity, Fancy Bear works primarily on behalf of the GRU, Russia’s military intelligence agency.

U.S. intelligence officials have linked the group to the hacks which leaked the e-mails of the Democratic Party.

According to Microsoft, the attacks exploited a vulnerability in its OS and one in Adobe Systems’ Flash software.

On Monday, Adobe released a patch for the vulnerability, and security researchers from Google went public with details of the attack.

With its own patch yet to be released, Microsoft chided Google for the disclosure, saying it should have gone public only after the vulnerabilities were fixed.

“Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk,” said Microsoft.

A representative from Google declined to comment on Microsoft’s statement.

Following its stated policy of going public 7 days after discovering “critical vulnerabilities”, Google disclosed the flaw on Monday. Hackers were actively exploiting the flaw.

Google allows software companies 60 days to issue patches for less serious vulnerabilities.

