Microsoft has acknowledged what Google made public yesterday: There’s a major security flaw in Windows, and hackers linked to the Russian group Strontium, also known as Fancy Bear, are actively exploiting it. Microsoft promises a complete patch and update by November 8.
Google seems to have either felt like its hand was forced or that Microsoft wasn’t moving quickly enough to fix the flaw. The exploit, which uses a combination of the win32k system and Adobe Flash, was found much earlier than this by Google’s Threat-Assessment Team. But full disclosures like this, before the patch has been released, are relatively rare, for reasons both self-serving (no one wants to be on the bad side of a security flaw) and helpful (releasing info about security flaws before they’re fixed is essentially asking every criminal with a decent ISP to go after vulnerable targets).
So, what can you do in the meantime? First off, disable Flash — that seems to be one of the main attack vectors. While none of the exact details of the vulnerability are known quite yet, if Flash is involved, disabling it should provide some measure of security.
Second, if you are using Windows 10, EVP Terry Myerson says users who are also using Microsoft Edge are already protected from attack (though this makes up a tiny population of total Windows users).
Microsoft is none too happy about Google’s break in protocol. Talking to VentureBeat, a Microsoft PR flak took a torch to Google’s choice. “Today’s disclosure by Google puts customers at potential risk. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”
Hacker group Fancy Bear, meanwhile, has had an active month. They are suspected to be behind the spear-phishing hack that brought John Podesta’s emails into the public eye; to have hacked into Mac OS X; and to have revealed the U.S. Olympic team’s own anti-doping policies after members of the Russian delegation were banned from this summer’s games. They’re heavily suspected to be supported or outright employed by the Main Intelligence Department (or GRU) of the Russian government. This Windows hack would seem to just be the latest feather in their shapka.