Windows Flaw Disclosed By Google Being Exploited By Russian Hackers

Well, that’s just great! Microsoft says that it under attack from a Russian hacking group that goes by the name of Fancy Bear, which is using the vulnerability that Google recently disclosed.

The software titan has already expressed frustration with this decision to go public with the exploit.

But not it has provided more details on these ongoing attacks.

In an advisory posted on its website, Microsoft explained that this newly discovered Windows vulnerability is currently being used for attacks launched by a group based in Russia called STRONTIUM, who is also known as Fancy Bear.

The interesting thing is that this group has been often linked to political hacks, and things can potentially get messy now with the United States government accusing Russia of launching attacks against several American targets in order to disrupt the local election.

Which ironically is when Microsoft will release a patch for this flaw — on election day.

As explained:

“We have coordinated with Google and Adobe to investigate this malicious campaign and to create a patch for down-level versions of Windows. Along these lines, patches for all versions of Windows are now being tested by many industry participants, and we plan to release them publicly on the next Update Tuesday, Nov 8.”

Apparently, Fancy Bear works for the GRU, Russia’s military intelligence agency which the US has blamed for the attacks against the Democratic Party.

Up until now, Microsoft has not revealed if any political attacks were launched that made use of this recently discovered Windows vulnerability, but it did say that a low-volume spear-phishing campaign was conducted against as series of targets.

No disclosure from Redmond whether these attacks were successful.

Spear phishing attacks usually involve messages submitted to vulnerable targets via different communication channels like email, which generally include links or attachments that in the end lead to malicious code that is used to exploit unpatched flaws.


Stay Informed About Enterprise Security

Leave Your Comments Below...