Microsoft has rolled out a number of updates to Windows this week intended to fix some pretty serious security vulnerabilities.
55 vulnerabilities were addressed in the latest round of patches, 15 of which are rated as “critical” by Redmond as they affect Windows itself, Office, Microsoft Edge and Internet Explorer. Microsoft’s anti-malware products (the ones that fall under the “Malware Protection Center” banner) were also affected.
PC World says three of those vulnerabilities (that are now fixed) have been exploited by “…targeted attacks by cyber espionage groups”.
Two flaws in particular, CVE-2017-0261 and CVE-2017-0262, exploit the manner in which Microsoft Office handles “encapsulated PostScript image files”, allowing an attacker to perform “remote code execution” on affected systems.
Business owners are advised to make sure the latest Windows security patches are downloaded as soon as possible. Should there be no third-party security software solution installed and staff are using Windows PCs protected only by Windows Defender and Security Essentials, admins are advised to make sure the engine version is 1.1.13704 to ensure the latest patch is indeed installed.
Researchers from cybersecurity firms ESET and FireEye believe several groups have used these flaws extensively: one is a Russian cyber-espionage collective called Turla, a second is an as-yet unidentified group of “financially motivated hackers”, while a third, APT28, has been associated with the use of CVE-2017-0262 in several cyber attacks on the US in 2016.
Turla has targeted government entities, intelligence agencies, embassies, military organisations, research and academic institutions and large corporations, while APT28 (also known in the security industry as Fancy Bear or Pawn Storm) has been blamed for the shenanigans around the US presidential election, most notably a hack of the Democratic National Committee last year.
So if you see that little icon that indicates updates are ready to install this week, please hit that “Update and restart” button as soon as possible.
[Source – PC World]