Microsoft released 14 new security bulletins on Tuesday, addressing many security issues, including a vulnerability actively exploited by a Russia-linked group and several other bugs for which exploits are publicly available.
One of the security updates is MS16-135, a bulletin rated Important in severity. MS16-135 resolves two information disclosure and three privilege elevation vulnerabilities, including a Windows kernel bug exploited by a Russia-linked hacking group to escalate privileges and escape the browser sandbox.
Google researchers reported the zero-day, tracked as CVE-2016-7255, to Microsoft on October 21st and disclosed it 10 days later. Google usually gives vendors 90 days to patch issues, but the deadline was only 7 days because the exploit was in the wild and needed to be addressed immediately.
While Google decided that it had a responsibility to disclose the vulnerability and that doing so was in the best interest of Windows users, Microsoft disagreed and criticized Google for putting its customers at potential risk.
Microsoft explained the vulnerability had been exploited in several low-volume spear phishing campaigns by the hacking group known as APT28, Fancy Bear, Pawn Storm, Sednit, Tsar Team, and Sofacy.
However, Microsoft has not disclosed any details on these attacks. It said the vulnerability could be exploited via specific websites or documents that victims are lured into opening so that the exploit executes.
The vulnerability affected Windows Vista through Windows 10; Microsoft said users on the Windows 10 Anniversary Update are immune to the exploit. The same attacks also exploited an Adobe Flash Player vulnerability, which was later patched on October 26th.
It is not the only vulnerability that Microsoft patched on Tuesday. The security bulletin MS16-132, rated ‘critical’ in severity, addresses various issues relating to Windows Animation Manager, Windows Media Foundation, and OpenType fonts, including an Open Type Font Execution Vulnerability (CVE-2016-7256) in the Windows font library that handles embedded fonts.
Microsoft also patched low-level vulnerabilities for which exploits are publicly available. These include an Edge spoofing bug (CVE-2016-7209) and a browser information disclosure vulnerability (CVE-2016-7199), both fixed in MS16-129.
Other ‘critical’ patches resolve issues affecting Input Method Editor (IME), Voice Control, and the Task Scheduler. ‘Important’ patches fix SQL Server, Windows Virtual Hard Disk Driver, Windows authentication methods, Secure Boot, Windows Kernel, Office, and the Windows Common Log File System (CLFS) driver.
The Flash Player vulnerabilities have also been patched in Edge and Internet Explorer with the ‘critical’ MS16-141 patch.
If you haven’t updated Windows yet, please do so now!
About the Author
Peter Buttler is an Infosec Journalist and Tech Reporter and a member of IDG Network. In 2011, he completed a Masters in Cybersecurity and technology. He has worked for leading security and tech giants as a Staff Writer. Currently, he contributes to a number of online publications, including The Next Web, CSO Online, Infosecurity Mag, SC Magazine, Tripwire, GlobalSign CSO Australia, etc. His favorite areas are Online Privacy, AI, IoT, VR, Blockchain, Big Data, ML, Fintech, etc. You can follow him on Twitter.