Microsoft Says Russian Hackers Exploited Flaw in Windows
Jay Greene and Robert McMillan report:
The hackers believed responsible for breaking into computers at the Democratic National Committee have exploited previously undisclosed flaws in Microsoft Corp.’s Windows operating system and Adobe Systems Inc.’s Flash software, Microsoft said Tuesday.
It is unclear if those hackers, reportedly tied to Russia, used the newly disclosed vulnerabilities to hack into the DNC.
Microsoft Tuesday criticized Alphabet Inc.’s Google for publicly identifying the Windows flaw on Monday, before Microsoft had had a chance to issue a patch.
Read more on the Wall Street Journal.
Over on ThreatPost, Michael Mimoso explains:
Microsoft has singled out Sofacy, an APT group long thought to have ties to Russia’s military intelligence arm GRU, as the entity behind targeted attacks leveraging Windows kernel and Adobe Flash zero days in targeted attacks.
The group, which Microsoft calls Strontium, is also known as APT28, Tsar Team and Sednit among other identifiers.
Microsoft said the zero day vulnerability, the existence of which along with limited details were disclosed on Monday by Google, will be patched Nov. 8. Google said yesterday it privately disclosed both zero days, which were used in tandem in these targeted attacks against unknown victims, to Microsoft and Adobe on Oct. 21. Adobe rushed an emergency patch for Flash Player on Oct. 26, while Microsoft had yet to acknowledge the vulnerability until Google’s disclosure.