Microsoft to Release Security Patch Addressing Windows Flaw Exploited by Russian Hackers


Microsoft says it will release a patch next week to address vulnerabilities in its Windows operating system exploited by a group reportedly tied to the Russian government and linked to the theft of emails from the Democratic National Committee.

The group, called Strontium by Microsoft but Fancy Bear or APT 28 by other security researchers, has been tied to Russian state-sponsored hacking.

U.S. government intelligence agencies have said Russian groups were behind attempts to interfere with this year’s U.S. presidential election.

Strontium has targeted government agencies, diplomatic institutions, military organizations, plus defense contractors and public policy research institutes, Microsoft’s executive vice president of Windows and devices group Terry Myerson said in a blog post on Wednesday.

“Strontium frequently uses compromised e-mail accounts from one victim to send malicious e-mails to a second victim and will persistently pursue specific targets for months until they are successful in compromising the victims’ computer,” said Myerson.

Myerson did not directly link Strontium to Russia, only that it has been used “to target a specific set of customers.”

Click here to continue reading…

SOURCE: Brett Molina and Elizabeth Weise