Microsoft patches Windows bug that Russian hackers exploited to spy on NATO, EU computers


Microsoft has issued eight security bulletins addressing 24 vulnerabilities, including a Windows bug that hackers from Russia exploited to spy on the computers of NATO and the European Union, among other targets.

The updates were issued as part of Microsoft's October edition of Patch Tuesday and address vulnerabilities found in all the currently supported versions of the Windows operating system, Internet Explorer, Microsoft Office and the .NET Framework.

Of all the bulletins, three were rated critical. This rating means that Microsoft recommends that systems administrators apply the specific patches immediately.

FireEye, a security research company, discovered two of the three zero-day bugs that the update fixes. Zero-day bugs are flaws that are being exploited by hackers, in this case as part of limited but targeted attacks directed against certain major companies.

One of the non-critical patches that Microsoft released fixes a remote code execution flaw in all supported versions of the Windows operating system and in Windows Server 2012 and 2008. The flaw was being exploited in the "Sandworm" cyber attack, which was carried out to spy on computers used by NATO, the EU, Ukraine and companies in the energy and telecommunications sectors.

The cyber attack is a five-year cyber espionage campaign, according to security company iSight. However, the kind of data that the Sandworm campaign has extracted remains unknown.

iSight added that hackers launched campaigns in the past that targeted the intelligence agencies of the United States and the EU, military centers, news companies and defense suppliers, and even rebels and jihadists in Chechnya. However, much of the focus has shifted toward the conflict between Russia and Ukraine, companies in the energy sector and Russian political issues.

Microsoft has rated the flaw as important but not critical because the user is required to open a file in Microsoft Office to launch the execution of the code. The flaw allows the hacker to gain the same user rights as the person who is logged into the affected computer.

The second zero-day bug that the update remedies is an escalation-of-privilege vulnerability, which could grant full access to a system. The third zero-day bug, rated as critical, allows remote code execution when a user accesses a document or goes to a website with embedded TrueType fonts.
