Microsoft Claims Russian Hackers Already Exploiting Windows Flaw Highlighted By Google

There’s a bit of bad blood between Microsoft and Google following news that the latter spilled the beans on a 0-day Windows kernel exploit. Google originally alerted Microsoft and Adobe to the vulnerability on October 21st, and went public with its findings just ten days later on November 1st.

"We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk," said a Microsoft spokesperson yesterday in a statement. "Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible."

While Adobe has issued a patch for its part in the exploit, Microsoft says that its patch won’t be available until November 8th. However, Microsoft’s Windows chief Terry Myerson has stepped into the fray to reveal that Russian hackers are actively taking advantage of the exploit discovered by Google.

“Recently, the activity group that Microsoft Threat Intelligence calls STRONTIUM conducted a low-volume spear-phishing campaign,” said Myerson. “This attack campaign, originally identified by Google’s Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.”

It should be noted that STRONTIUM, also known by the names Fancy Bear and APT 28, has been linked with the Russian government and its reported attacks on the Democratic National Committee. The subsequent release of internal emails by WikiLeaks has certainly added a lot of color to the U.S. presidential race.

Myerson goes on to explain:

“To address these types of sophisticated attacks, Microsoft recommends that all customers upgrade to Windows 10, the most secure operating system we’ve ever built, complete with advanced protection for consumers and enterprises at every layer of the security stack. Customers who have enabled Windows Defender Advanced Threat Protection (ATP) will detect STRONTIUM’s attempted attacks thanks to ATP’s generic behavior detection analytics and up-to-date threat intelligence.”

In addition, Myerson indicates that while this latest Windows exploit is incredibly dangerous, customers running the Windows 10 Anniversary Update along with Microsoft Edge are completely protected. For everyone else, you’ll have to wait for the Election Day patch.


Via:  Microsoft