A Russia-linked hacker group is exploiting a flaw in Windows software to breach computer networks, according to Microsoft.
The Windows flaw was previously unknown, but Google notified Microsoft of the vulnerability on Oct. 21 and publicly disclosed the flaw 10 days later, on Oct. 31. Microsoft has still not issued a patch for the vulnerability.
Google said it made the public disclosure because it felt compelled to "protect users" and notify them of the threat, since the vulnerability was being actively exploited to breach people's systems.
One day later, Microsoft now offers more information on the matter and promised to release a patch on Nov. 8 with its next software update. The company points out that the attackers who took advantage of the vulnerability have been sending spear-phishing emails or targeted messages designed to trick users into disclosing personal information or installing malware on their machines.
Microsoft further points the finger at hacker group STRONTIUM, as its threat intelligence team calls it. The group may also be known as "Sofacy," "APT28" or "Fancy Bear."
Cybersecurity professionals have previously tied this group to the Russian government and the GRU, its foreign intelligence agency.
The United States has previously accused the Russian government of orchestrating a series of cyberattacks on its political organizations and citizens, so Microsoft's allegations are not stepping onto uncharted territory. A cybersecurity firm also identified potential links to Russia with regard to the massive Yahoo data breach, Russian hackers were also linked to an attempted attack on the New York Times' Moscow bureau, and the list can go on.
"STRONTIUM is an activity group that usually targets government agencies, diplomatic institutions, and military organizations, as well as affiliated private sector organizations such as defense contractors and public policy research institutes," Microsoft explains. "Microsoft has attributed more 0-day exploits to STRONTIUM than any other tracked group in 2016."
At the same time, Microsoft also says that Google's decision to publicly disclose the Windows flaw before it got a change to patch it is "disappointing" and put customers at further risk.
The company further points out that to fend off such sophisticated attacks, all customers should do is upgrade to Windows 10, which has advanced security and protection. With Windows 10, users who have enabled Windows Defender Advanced Threat Protection (ATP) will be able to detect any attempted attacks by STRONTIUM.
Nevertheless, a patch is on its way and will roll out to users next week. The vulnerability exploit was also connected to a Flash flaw, but Adobe already patched it on Oct. 26.