November 9, 2016
Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched.
The company criticized Google’s move, claiming that the disclosure of the vulnerability, which was being exploited in the wild, put its customers “at potential risk.”
The vulnerability affects all Windows versions from Windows Vista through current versions of Windows 10, and Microsoft was set to issue a fix come this month’s Patch Tuesday.
So, as part of its monthly Patch Tuesday, Microsoft today patched the security flaw in Windows that was actively being exploited by hackers.
According to Microsoft’s security bulletin released today, any hacker who tricked victims into running a “specially-crafted application” could successfully exploit the system bug and gain the ability to “install programs; view, change, or delete data; or create new accounts with full user rights.”
Once exploited, the bug could be used to escape the sandbox protection and execute malicious code on the compromised Windows machine.
Rated as “important,” the vulnerability was being exploited by Strontium group, also known as Fancy Bear, Sofacy, and APT 28, in targeted attacks.