Microsoft Claims Russian Hackers Already Exploiting Windows Flaw Highlighted By Google

There’s a bit of bad blood between Microsoft and Google following news that the latter spilled the beans on a 0-day Windows kernel exploit. Google originally alerted Microsoft and Adobe to the vulnerability on October 21st, and went public with its findings just ten days later on November 1st.

"We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk," said a Microsoft spokesperson yesterday in a statement. "Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible."

While Adobe has issued a patch for its part in the exploit, Microsoft says that its patch won’t be available until November 8th. However, Microsoft’s Windows chief Terry Myerson has stepped into the fray to reveal that Russian hackers are actively taking advantage of the exploit discovered by Google.

“Recently, the activity group that Microsoft Threat Intelligence calls STRONTIUM conducted a low-volume spear-phishing campaign,” said Myerson. “This attack campaign, originally identified by Google’s Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.”

It should be noted that STRONTIUM, also known by the names Fancy Bear and APT 28, has been linked with the Russian government and its reported attacks on the Democratic National Committee. The subsequent release of internal emails by WikiLeaks has certainly added a lot of color to the U.S. presidential race.

Myerson goes on to explain:

“To address these types of sophisticated attacks, Microsoft recommends that all customers upgrade to Windows 10, the most secure operating system we’ve ever built, complete with advanced protection for consumers and enterprises at every layer of the security stack. Customers who have enabled Windows Defender Advanced Threat Protection (ATP) will detect STRONTIUM’s attempted attacks thanks to ATP’s generic behavior detection analytics and up-to-date threat intelligence.”

In addition, Myerson indicates that while this latest Windows exploit is incredibly dangerous, customers running the Windows 10 Anniversary Update along with Microsoft Edge are completely protected. For everyone else, you’ll have to wait for the Election Day patch.

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.