HomeWinBuzzer NewsMicrosoft Patches Windows Security Flaws Previously Exploited by Russian Hackers

Microsoft Patches Windows Security Flaws Previously Exploited by Russian Hackers

The security update fixes the vulnerabilities in various versions of Windows by correcting how the Windows kernel-mode driver handles objects in memory.

-

The most important fix is the prevention of elevation of privilege if an attacker logs on to an affected system. In order to do so, the attacker would be able to trick the user by running a malicious program or a “specially crafted application“, as calls it.

That means running programs, deleting various data and creating user accounts with full user rights. The whole process could exploit the vulnerabilities and take complete control of an affected system.

The patch is a part of a regular monthly round of security patches known as Patch Tuesday. The patch has an “Important” rating for all supported releases of Windows and is only available via Windows Update.

This is related to a recent incident where a Russian group called STRONTIUM performed a low-volume spear-phishing attack to exploit vulnerabilities. The attack used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.

As promised, Microsoft has issued a fix for all of the affected version of Windows. It's important to note that users running the Anniversary Update were initially protected from the attacks.

Google's public disclosure

's Threat Analysis Group first spotted the attack and published the details of the flaw before the patch. Google breached the standard three-month private disclosure period, citing there was evidence hackers were actively exploiting the flaw.

Google's handling of the situation angered Microsoft, saying its decision “puts customers at increased risk”. However, Microsoft resolved the brief situation by acknowledging Google researchers responsible for finding the flaw.

Microsoft also issued a fix for six critical flaws, including the one that affected all versions of Windows. The most severe vulnerability could allow remote code execution if an attacker with local authentication runs a specially crafted application.

The update addresses this vulnerability in two ways – by correcting how the Windows Input Method Editor (IME) loads DLLs and requiring hardened UNC paths be used in scheduled tasks.

Also issued are eight other important updates, including cumulative updates for Internet Explorer and Edge browsers.

Sead Fadilpasic
Sead Fadilpasichttp://journalancer.com/
Sead is a former Al Jazeera journalist who shares his passion for technology on various tech media outlets. Formerly a heavy gamer (semi-professional Warcraft 3 gosu), he now enjoys reviewing software and churning out words about the latest tech-news. He holds a college degree in Journalism and likes to annoy his neighbors by playing one of his three electric and two acoustic guitars.

Recent News