Microsoft to patch Windows security flaw under attack next week

The software and services giant said a Russian group was behind the attacks.
Written by Zack Whittaker, Contributor

(Image: file photo)

Microsoft said it will fix a security vulnerability in Windows next week as part of the company's usual patching schedule.

The company confirmed the move in a blog post on Tuesday, in which it accused a Russian hacking group of being behind the spearphishing campaign that exploits a newly discovered security flaw in the operating system.

Details of the flaw were first revealed on Monday after Google said it would forego its usual disclosure policy of three months, citing the severity of the "critical"-rated flaw.

"This vulnerability is particularly serious because we know it is being actively exploited," said the researchers.

But Microsoft, said to be disgruntled at the premature release, argued that customers could be put "at potential risk" as a result of the disclosure, according to a statement received by sister-site CNET.

The software and services giant said a group known as Strontium were behind the attacks. The hackers are also known for their politically motivated hacks earlier this year under the different moniker, Fancy Bears, as well as APT28, and others.

Editorial standards