Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched.
The company criticized Google’s move, claiming that the disclosure of the vulnerability, which was being exploited in the wild, put its customers “at potential risk.”
The vulnerability affects all Windows versions from Windows Vista through current versions of Windows 10, and Microsoft was set to issue a fix come this month’s Patch Tuesday.
So, as part of its monthly Patch Tuesday, Microsoft today patched the security flaw in Windows that was actively being exploited by hackers.
According to Microsoft’s security bulletin released today, any hacker who tricked victims into running a “specially-crafted application” could successfully exploit the system bug and gain the ability to “install programs; view, change, or delete data; or create new accounts with full user rights.”
Once exploited, the bug could be used to escape the sandbox protection and execute malicious code on the compromised Windows machine.
Rated as “important,” the vulnerability was being exploited by Strontium group, also known as Fancy Bear, Sofacy, and APT 28, in targeted attacks.
Fancy Bear is the same group of hackers that has also been accused by the US Intelligence community of hacking the Democratic National Committee, Clinton Campaign Chair John Podesta, and former Secretary of State Colin Powell, among others.
Besides this controversial flaw exposed by Google last week, the security bulletin also fixes multiple elevation of privilege bugs.
Patch Tuesday also contains several critical security patches that affect all versions of Windows as well as other important updates and fixes for both Internet Explorer and Edge.
So, I strongly recommend home users and companies to ensure that their Windows PC is up-to-date with all of Microsoft’s latest security fixes as of today.