Microsoft fixes bugs exploited to hack military and financial firms
The attacks that have been used are:
- Chinese state-sponsored hackers
- Remote code execution attacks
- Allowing admin privileges
- Bypass security to run arbitrary code
- Credentials letting hackers lift privileges
- Virtual Machine Manager vulnerability
The vulnerabilities have now been patched by Microsoft and Adobe with Microsoft’s February 2015 security update and should see an end to the attacks with all bugs being fixed. The update included nine bulletins, three of which were rated “critical” and the remaining six rated “important”.
“Microsoft’s update comes after a turbulent month for information security professionals, with multiple zero-day vulnerabilities in Adobe’s Flash software.” Warwick Ashford, Security Editor at ComputerWeekly.
For an in depth look into how the attackers took advantage of the vulnerabilities visit ComputerWeekly.com