Kaspersky reports new security exploit in Microsoft Windows OS

Source: Xinhua| 2018-10-11 04:10:32|Editor: yan
Video PlayerClose

SAN FRANCISCO, Oct. 10 (Xinhua) -- Cyber-security firm Kaspersky Lab said Wednesday that Microsoft has fixed a zero-day exploit that it discovered in August, which could affect the Microsoft Windows operating system, including the latest Windows 10.

Kaspersky said its security team found the zero-day vulnerability in the Win32k component of MS Windows operating system, which could be used by hackers to gain access to victim system, and it has notified Microsoft of the threat.

"The exploit was executed by the first stage of a malware installer to get necessary privileges for persistence on the victim's system. The code of the exploit is of high quality and written with the aim of reliably exploiting as many different MS Windows builds as possible, including MS Windows 10 RS4," Kaspersky said in a security analysis report.

The Moscow-based cyber-security firm reported a very limited number of attacks using this vulnerability, saying the victims are located in the Middle East.

The vulnerability was delivered via a PowerShell backdoor, which has exclusively been used by the FruityArmor group in the past. The cyber-espionage group has been active since 2016 and targeting various organizations in the Mideast region.

Microsoft fixed the bug in a series of security patch updates released on Tuesday, which classified it as an "important" severity marking, the Kaspersky said.

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft wrote in an advisory about security update.

The update addresses this vulnerability by correcting how Win32k handles objects in memory of MS Windows operating system.