A recent article by ARS Technica shows how a critical vulnerability in Microsoft Windows was exploited by Russian hackers. The hackers used the vulnerability to gain system privileges and install additional malware. The vulnerability was not patched until October 2022, even though Microsoft knew about it since at least 2020. Microsoft has not publicly disclosed that the vulnerability was being actively exploited.
According to the article, the vulnerability is a zero-day exploit, which means that it was a previously unknown vulnerability that Microsoft had not yet had a chance to patch. The vulnerability was exploited by a group of Russian hackers known as APT29, also known as Cozy Bear or The Dukes. APT29 is a well-known group of hackers that is believed to be backed by the Russian government.
The article says that the vulnerability was used by APT29 to target a number of high-profile organizations, including government agencies, telecommunications companies, and energy companies. The attackers were able to gain access to sensitive data and systems on these organizations’ networks.
The article also says that the vulnerability was patched by Microsoft in October 2022. However, it is not clear how long it took for Microsoft to patch the vulnerability after it was first discovered. The article also says that Microsoft has not publicly acknowledged that the vulnerability was being actively exploited.
This is a serious security issue that could have had a significant impact on a number of organizations. It is important for organizations to patch their systems as soon as possible to protect themselves from this vulnerability. ░