Unfortunately, Fix Comes After Attackers Started Using The Flaw.

Microsoft is still more than a little upset at Google revealing unpatched Windows security flaws, but it'll at least have a solution in hand in the days ahead. The software giant now plans to issue a patch for affected version of Windows on November 8th. You're if you use both Windows 10 Anniversary Update and a sufficiently up to date browser (both Chrome and Edge should be safe), but you'll definitely have to be cautious if you can't use one of the known safe browsers or the latest version of Windows.

There's good reason to be careful, too. In elaborating Google's warning about active exploits, Microsoft reports that a group nicknamed Strontium has used the vulnerabilities in both Windows and Adobe Flash to run a "low-volume" phishing campaign. You probably won't be targeted by that group, but that's not the point. The company is concerned that attacks are not only in the wild, but that other hacking teams may take advantage of the data to launch their own hostile code. A week can be a long time in the security world, after all. While there's a chance that Google's rapid-fire public disclosure accelerated the patch, it might well have exposed people to unnecessary danger.

Source:
courtesy of ENGADGET

by Jon Fingas

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]