A Russian hacking collective called ‘Fancy Bear’ has been blamed by Microsoft for exploiting a flaw in its operating system, Windows, that was recently made public by Google.
The company said in a security advisory that a hacking group previously linked to the Russian government and US political hacks has exploited a newly discovered Windows zero-day flaw that was outed by Google earlier this week.
Microsoft said that the hacking group ‘Strontium’, more commonly known as Fancy Bear, had carried out a small number of attacks using spear phishing techniques.
Terry Myerson, executive vice president of Microsoft’s Windows and Devices division, said: “Recently, the activity group that Microsoft Threat Intelligence calls Strontium conducted a low-volume spear phishing campaign.
“This attack campaign, originally identified by Google’s Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.”
Myerson added that Microsoft “has attributed more zero-day exploits to Strontium than any other tracked group in 2016“.
Microsoft said that a patch to protect users against this latest threat will be released on 8 November, but Myerson has advised customers to upgrade to the latest version of Windows 10 to be protected immediately.
“Customers using Microsoft Edge on Windows 10 Anniversary Update are known to be protected from versions of this attack observed in the wild,” he said.
The technology company thanked Google for bringing the vulnerability to its attention, although it wasn’t too pleased that the firm made it public.
“Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk.”
Google has however maintained that disclosing known and “actively exploited” vulnerabilities is in the interest of people seeking to secure their systems.
