Friday, 04 November 2016 04:25

Hackers are attacking Windows, and there is absolutely NOTHING you can do to stop them


CYBERCRIMINALS linked to the Russian government were behind the recent attacks that exploited a critical vulnerability in the Windows operating system, Microsoft has claimed.

Microsoft has confirmed that a number of cyber attacks by notorious hacking group Strontium have taken place.

The group, which has also been linked to the unprecedented hacking campaign aimed at disrupting and discrediting the upcoming US election, is believed to have exploited a newly discovered Windows security flaw.

Google published details about the critical vulnerability in Windows earlier this week – something Microsoft isn't too happy about.

The US search engine's Threat Analysis department disclosed details of the critical vulnerability in a post on its security blog.

The glitch can be used to bypass the security sandboxing used in the Windows32K system, Google has claimed.

Google said it reported the bug to Microsoft 10 days ago, but the Redmond firm has done nothing to address the issue.

Google has already patched its Chrome web browser against the bug, and Adobe has issued a fix for its Flash software.

However Windows itself is still vulnerable – something that Microsoft claimed hackers used to execute the spear phishing.

In spear phishing, an attacker will typically send targeted messages – typically via email – that exploit known information to trick victims into clicking on malicious links or open tainted attachments.

Microsoft chided rival Google for going public with details of the vulnerabilities before it had time to prepare and test a patch to fix them.

"Google's decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk," Microsoft said.


Microsoft says hacking group Strontium has exploited the vulnerability highlighted by Google

Microsoft's disclosure of the new attacks and the link to Russia came as Washington accused Moscow of launching a cyber campaign to disrupt the US election.

The US government last month formally blamed the Russian government for the election-season hacks of Democratic Party emails and their subsequent disclosure via WikiLeaks and other entities. Russia has denied those accusations.

Microsoft said a patch to protect Windows users against the newly discovered threat will be released on November 8th – Election Day.

It was not clear whether the Windows vulnerability had been used in any of the recent US political hacks.

Representatives of the FBI and the Department of Homeland Security could not immediately be reached for comment.

Google disclosed the serious security flaw on Monday, following its standing policy of going public seven days after discovering "critical vulnerabilities" that are being actively exploited by hackers.

Google gives software companies 60 days to patch less serious bugs.

Source : express


World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.