(Microsoft Patch Blocks Sandworm
Tunnels)
By Richard Adhikari10/17/14 11:05 AM PT
Cybersecurity firm iSight Partners this week revealed that a cybergang it dubbed "Sandworm" has been exploiting a zero-day vulnerability that impacts all supported versions of Microsoft Windows, including Windows Server 2008 and 2012.
The announcement was held off until Microsoft issued its patch for the vulnerability, CE-2014-4114, earlier this week.
If exploited, the flaw will let attackers remotely execute code on target systems.
The cybergang hit NATO, government organizations in the Ukraine and Western Europe, a Polish energy firm, a French telecommunications company, and academic organizations in the United States, iSight said.
Full Article