Just a few days ago Google revealed to the public and media that Windows OS has vulnerability which can be exploited by the hackers to gain control over the device. Microsoft got angry with the Google for revealing the vulnerability as it can have serious implication on billions of device on the global level. Now Microsoft has brought a security update to fix that software bug. It has been seen that hackers has been utilizing this vulnerability to infiltrate government networks. Interestingly one of the hacker groups has even started a number of campaigns to make use of this flaw to cause mass level security concerns.
Attacks have accelerated in recent past
Microsoft has brought the security patch with its regular software update this month. This patch was brought along with 14 different updates aimed at addressing as many as 68 vulnerabilities present in the Windows, Edge Browser and Office Suite.
Microsoft’s Windows OS vulnerability was unearthed just few weeks after the infamous Adobe security scare. Though both the companies has been slow in coming up with requisite security patch to reduce the amount of damage which can be brought upon the devices on global scale. It is necessity for current times to get loophole present in the software, program or application closed as soon as possible though companies has failed on this front.
A blog reveals the extent of damage caused by the vulnerability
A blog made by the Terry Myerson who is the head of the Windows has provided details of the activities carried out by a hacker group called Strontium hacker. This hacking group is notoriously known for targeted government, agencies, organization, defense contractors and embassies by exploiting the flaws present in the devices. It is also known by various different names across the globe which includes Sofacy, Pawn Storm and Fancy Bear.
Trend Micro reports several instance of hacking
This vulnerability has been exploited by a number of hackers in the last few weeks. Trend Micro has published a report stating the instances when and how these hacks were performed by the notorious fellows. Hacker groups have ramped up their capability by bringing in sophisticated phishing campaigns during the month of October and November to make most of the vulnerability. Due to the prevalent cyber attack activities people has become aware of the cyber threats present around them.
But these hackers has used a very smart way of booby trapping the target audience by posing as invites for an upcoming conference on the cyber threats. A number of hacker has resorted to this technique as I keeps at ease and doesn’t raise any undue concern or alert from the agencies or authorities.
So in just few weeks of time these groups have been to exploit the flaw to its fullest and some serious damage to the public and agencies as a result. Trend Micro asserted that the time taken by the companies in coming up with security patch or update should be prompt in order thwart the attempts by the notorious individuals.