Microsoft to Fix Windows Vulnerability!
Microsoft says it will issue a fix next week for a Windows vulnerability it says hackers exploit in connection to Russia’s government.
The company in a blog post says it will release the fix in November 8 as part of its normal patch cycle. It says a well-known hacking group was already using the newly discovered vulnerability in a hacking campaign. They send people bogus emails in an attempt to con or trick them out of personal data. The bug, publicly revealed by Google on Monday, can be used to bypass the security in the Windows32K system.
The revelation of the bug has been causing conflicts between Microsoft and Google. The search giant said it gave Microsoft 10 days to issue an advisory or a fix. But Windows giant failed to act. As a result of this, Google went public because it rated the bug as “critical” and learnt it was being actively exploited. Microsoft is yet to address the delay in issuing a fix but disputed Google’s assessment of the bug’s threat. Although they stressed that Google’s disclosure “could put customers at potential risk.” Gosh! I wonder why no alert to customers on this kind of security vulnerability.
Consequently, Microsoft says a hacking group known as Strontium is behind email attacks that takes advantage of the vulnerability. The group, more widely known as “Fancy Bear” and APT 28, is also in connection with series of hacks recently. It also includes the one in which emails and chat transcripts were stolen from the Democratic National Committee’s computer network.