Microsoft on Tuesday issued bug patches Tuesday fixing 24 vulnerabilities found in Windows, Internet Explorer, Office and the .Net Framework, some of which fixed security holes exploited in attacks against Western targets linked to Russian hackers. The company’s patches fix more than a dozen vulnerabilities that allow remotely located hackers to take control of a target computer, according to a note from Microsoft.
The issues were first revealed by Dallas-based security firm ISight, which said Tuesday that Russia-tied hackers had been using a previously unknown bug in Microsoft Windows Vista through Windows 8.1 to attack NATO, the European Union and targets in Ukraine since September. ISight partnered with Microsoft to report the bug.
The hacks against Western targets are part of a growing wave of cyberattacks linked to Russia amid that country’s ongoing conflict with Ukraine. However, it’s unclear exactly what data hackers took as part of the attack.
“Though we have not observed details on what data was exfiltrated in this campaign, the use of this zero-day vulnerability virtually guarantees that all of those entities targeted fell victim to some degree,” ISight said Tuesday.