Microsoft Corp said on Tuesday that a hacking group previously linked to the Russian government and U.S. political hacks is behind recent cyber attacks that exploit a newly discovered flaw in its Windows operating system. Microsoft said that a patch to defend Windows users against this sort of attack will be released on Nov. 8. The software maker said in an advisory on its website there had been a small number of attacks using “spear phishing” emails from a hacking group known Strontium, which is more widely known as “Fancy Bear” or APT 28.
Microsoft did not identify any victims of the attacks. A US intelligence expert on Russian cyber activity said that Fancy Bear primarily works for or on behalf of the GRU, Russia’s military intelligence agency, which U.S. intelligence officials have concluded were responsible for hacks of Democratic Party databases and emails. Microsoft said the attacks exploited a vulnerability in Adobe Systems Inc’s Flash software and one in the Windows operating system. Adobe released a patch for that vulnerability on Monday as security researchers with Google went public with details on the attack. Microsoft chided rival Google for going public with details of the vulnerabilities before it had time to prepare and test a patch to fix them.
“Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk,” Microsoft said.