Profile image
By SiteProNews (Reporter)
Contributor profile | More stories
Story Views

Last Hour:
Last 24 Hours:

Russian Hackers Took Advantage of Windows Flaw, Microsoft Says

Wednesday, November 2, 2016 8:30
% of readers think this story is Fact. Add your two cents.

A security issue in Windows recently made public by Google has been exploited by Strontium, a hacking group linked to Russia, Microsoft has announced.

Microsoft said it was “disappointed” by Google’s decision to go public with the flaw because a patch is not due to be released until Nov. 8.  Now that hackers are aware of the issue, it puts Windows users in their crosshairs, Windows and devices group executive vice-president Terry Myerson said.

“Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk,” Myerson said in a blog post.

Microsoft Threat Intelligence discovered Strontium is carrying out a low-volume spear-phishing campaign. The campaign, which was originally identified by Google’s Threat Analysis Group, uses two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to breach Windows users’ computers.

Myerson said all customers should upgrade to Windows 10, to take advantage of the “advanced protection for consumers and enterprises at every layer of the security stack.”

“Customers using Microsoft Edge on Windows 10 Anniversary Update are known to be protected from versions of this attack observed in the wild,” Myerson said, adding that users running Windows Defender Advanced Threat Protection (ATP) are made aware of any attempted Strontium attack.

Strontium, which is also known as Fancy Bear, and APT 28, is responsible for a number of spear phishing attacks in 2016. In fact, Microsoft has attributed more zero-day exploits to Strontium than any other tracked group this year.

Active since at least 2007, Strontium’s favorite targets include government agencies, diplomatic institutions, and the military as well as defense contractors and public policy research institutes. The hacking group’s usual modus operandi is using the compromised e-mail account of a victim to send malicious e-mails to another.

Strontium will “persistently pursue specific targets for months until they are successful in compromising the victims’ computer,” Microsoft said in a report. “Once inside, Strontium moves laterally throughout the victim network, entrenches itself as deeply as possible to guarantee persistent access, and steals sensitive information.”


Jennifer Cowan is the Managing Editor for SiteProNews.

The post Russian Hackers Took Advantage of Windows Flaw, Microsoft Says appeared first on SiteProNews.


We encourage you to Share our Reports, Analyses, Breaking News and Videos. Simply Click your Favorite Social Media Button and Share.

Report abuse


Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories



Top Global

Top Alternative



Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.