Microsoft has once again released a batch of essential security updates for users of its software.
One of the flaws (CVE-2017-8759) addressed by Microsoft’s patches is a previously unknown vulnerability in the .Net framework. The zero-day vulnerability was being actively exploited in attacks which targeted Russian-speaking users with poisoned Word documents that served up a version of the FinFisher spyware.
FinFisher, also known as FinSpy or WingBird, is a family of controversial covert surveillance software which has often been linked to spying on political dissidents by intelligence agencies and repressive regimes around the world.
The makers of FinFisher claim that they sell their controversial software exclusively to government agencies for targeted criminal investigations, suggesting that the latest wave of attacks are the work of a hacking group assisted by a state actor.
The most recent attacks on Russian speakers have been tied to a hacking gang known as Neodymium, which in early May 2016 exploited a Flash Player zero-day vulnerability to infect targeted computers with FinFisher. Most of the victims of that attack were located in Turkey, although infections were also seen in Germany, the United Kingdom and the United States.
Also of note is that Microsoft has revealed it has pushed out a fix for the newly-announced BlueBorne exploits (CVE-2017-8628), which could allow an attacker to initiate a Bluetooth connection to a targeted device without the user’s knowledge, and open opportunities ofr man-in-the-middle (MITM) attacks
In its Patch Tuesday release, Microsoft addressed 81 new vulnerabilities – of which 27 have been given the highest rating of “critical”.
In addition, Microsoft is releasing an update to the version of Adobe Flash Player embedded in its Edge and Internet Explorer browsers. Affected software includes Edge, Hyper-V, Internet Explorer, Microsoft Office, Remote Desktop Protocol, Sharepoint, Windows Graphic Display Interface, and Windows Kernel Mode Drivers. In addition, Microsoft is also releasing an update for Adobe Flash Player embedded in Edge and Internet Explorer.
Make sure to roll out Microsoft’s security updates to your vulnerable computers at the earliest opportunity to reduce the chances of a hacker successfully exploiting your devices.
Enterprise customers are recommended to test that the patches do not cause any problems during roll-out on a test set of PCs, before updating all of their PCs across the business.
This is a Security Bloggers Network syndicated blog post. Read the original at: Graham Cluley 2017-09-13.