A team of hackers based in Russia dubbed the “Sandworm Team” has been exploiting a vulnerability in Windows, Windows Server 2008, and Windows Server 2012 in order to spy on multiple public, and private institutions.
iSight, a security firm that is working in concert with Microsoft to track the hackers and plug such flaws, says that when someone uses it to penetrate Windows, they have the ability to “remotely execute arbitrary code.”
iSight also said that anyone trying to take advantage of a flaw to compromise a system would “need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it.”
Sandworm has used this flaw in Windows and Windows Server to hit the North Atlantic Treaty Organization, or NATO, along with government organizations based in Western Europe, parts of the Ukrainian government, energy companies in Poland, multiple European telecom firms, and academic organizations here at home as well.
To combat the group’s activities, Microsoft has released security fixes that are designed to fix the flaw. Users with Automatic Update enabled on their Windows PCs will download all patches without any input from them.
Digital Trends has contacted iSight to get more information on how to avoid any potential pitfalls associated with flaw that the Sandworm Team has been exploiting. We’ll issue any updates if and when we obtain information from iSight.
- How to use Passkeys in Windows 11
- Your Windows 11 screenshots may not be as private as you thought
- 4 Windows 11 accessibility features that make it easier for everyone to use
- Windows 11 might pull ahead of Windows 10 in one key way
- New ways Microsoft is enticing developers to use Windows app store