When Google stumbled upon a security flaw in the mighty fortress known as Windows, it behaved exactly as its policy dictated – it first reported it to Microsoft and then made the discovery public merely ten days later. This action, however innocuous it may seem considering the giant that is Google, made Microsoft fume with anger. The irritating visibility of the flaw now beckoned hackers, who perhaps had been unaware of it, to exploit it at their whim and unleash chaos. Google, however, remained unperturbed and justified their action as necessary transparency.
This seemingly corporate scuffle took a dark turn when Microsoft began pointing fingers at Russian hackers, infamously known as Fancy Bear or APT 28, for supposedly leveraging this publicly disclosed flaw. According to a Reuters report, Microsoft declared that they wouldn’t be releasing a security patch until November 8th. What the world can do until then is just hold its breath and observe the cyber-drama.
“There have been a limited number of attacks involving ‘spear phishing’ emails from a hacking troupe we know as Strontium, more popularly notorious as Fancy Bear or APT 28,” revealed Microsoft in an advisory on their website, while withholding details of any specific victims.
Microsoft’s declaration of these cyber-attacks and their alleged connection to Russia went public only after accusations leveled by Washington about Moscow’s attempts to create pandemonium and undermine the credibility of the imminent U.S. election.
This hacking group, who Microsoft claims are exploiting the said flaw, has previously been implicated in major cyber leaks across the United States. Both American and British intelligence circles have ominously suggested that Russia is currently engaging in cyber espionage against western organisations. The aim? Furtively skewing election results towards their preferred candidate. Ironically enough, it would seem like Russia has adopted this cyber-strategy from the CIA, who would typically expend substantial resources to effectuate political regime change.
As tensions continue to escalate, the US is promising a resolute response. However, the exact nature of this retaliatory action remains shrouded in mystery.
As we hold our breath in anticipation, Windows users are advised to expedite patching procedures as swiftly as they can. In the meantime, updating Adobe Flash and Chrome on your devices is advisable, given that hackers exploited a separate bug in Adobe Flash in tandem with the flaw in win32K. Thankfully, Adobe has already issued a fix, so all that is required is an update as we await a more comprehensive security update from Microsoft.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
