Microsoft patches major Windows security flaw

Microsoft has patched a major zero-day vulnerability in Windows, the second such exploit detected in just a few weeks.

The threat, the second such alert in just a month, was spotted by security experts at Kaspersky Lab and fixed as part of Microsoft's monthly Patch Tuesday release.

Kaspersky Lab says the exploit had already been utilised for a number of cyberattacks in the Middle East, and was detected by the company's Automatic Exploit Prevention technology.

Windows security risk

The vulnerability, officially named by Microsoft as CVE-2018-8589, targeted the 32-bit version of Windows 7, and could have allowed attackers to gain "elevated privileges" and create exploits to gain access to a victim's system and run malicious code.

The news comes just a few weeks after Kaspersky Lab detected a similar zero-day threat in Microsoft's system, having alerted the computing giant to a further Windows vulnerability that had been utilised by state-backed cyber-espionage group known as FruityArmor.

“Autumn 2018 became quite a hot season when it comes to zero-day vulnerabilities," said Anton Ivanov, Security Expert at Kaspersky Lab. 

"In just a month, we discovered two of their kind and detected two series of attacks in one region. Discreteness of cyberthreat actors’ activities remind us that it is of critical importance for companies to have in their possession all necessary tools and solutions that would be intelligent enough  to protect them from such sophisticated threats. Otherwise, they could become a subject to complex targeted attacks that will come out of nowhere."

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.