View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 2, 2016

Microsoft slams Google over Windows bug disclosure as Russian hackers go phishing

Microsoft plans to release patches for all versions of Windows on 8 November.

By Alexander Sword

A brewing security feud between Microsoft and Google has worsened as Microsoft said that Russian hackers had exploited a Windows security flaw revealed by Google.

Microsoft said in a blog post that the Russia-based Fancy Bear group, also known as Strontium, had conducted a low-volume phishing attack that exploited the flaw.

Google’s Threat Analysis Group identified zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel.

However, Google’s disclosure of this vulnerability before patches were broadly available angered Microsoft, with the latter calling it “disappointing” and saying it “puts customers at increased risk.”

“We believe responsible technology industry participation puts the customer first, and requires coordinated vulnerability disclosure,” wrote Terry Myerson, Executive Vice President, Windows and Devices Group.

However, Google said when disclosing the bug that it had informed Microsoft seven days before going public with the announcement.

It said that Adobe had promptly issued a fix, whereas Microsoft had not released any advisory or fix for the vulnerability.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

“This vulnerability is particularly serious because we know it is being actively exploited,” said Neel Mehta and Billy Leonard, Threat Analysis Group at Google.

Microsoft will release patches for all versions of Windows in the next update on 8 November. The company has coordinated with Google and Adobe to investigate the attacks and to create a patch for down-level versions of Windows.

Online Security Technology and Hacking Risk Alert Concept

In the mean time, Myerson recommended that customers upgrade to Windows 10, saying that Windows Defender Advanced Threat Protection would be able to detect Fancy Bear’s activity.

Fancy Bear has been in headlines recently over a number of hacks, particularly ones involving the Olympics.

The collective, claiming to stand for “fair play and clean sport”, launched its #OpOlympics campaign this summer. Fancy Bear claims to have hacked into World Anti-Doping Agency databases. Recently Fancy Bear has revealed medical information about top American athletes Serena Williams, Venus Williams and Simone Biles.

The hacking group was also implicated in attacks on the Democratic National Committee.

Myerson said in the blog: “Strontium frequently uses compromised e-mail accounts from one victim to send malicious e-mails to a second victim and will persistently pursue specific targets for months until they are successful in compromising the victims’ computer.

“Once inside, Strontium moves laterally throughout the victim network, entrenches itself as deeply as possible to guarantee persistent access, and steals sensitive information.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.