Hackers Swoop In on Windows 10 Security Flaw Exposed on Twitter

[Lucian Armasu]

The PowerPool group of malicious actors has begun exploiting the Windows ALPC bug that was disclosed just last week.

Hackers Swoop In on Windows 10 Security Flaw Exposed on Twitter : Read more

 

[hotaru251]

so...since they used chromes auto-update...does this have no effect if u dont have it even on your pc?

 

[kenjitamura]

so...since they used chromes auto-update...does this have no effect if u dont have it even on your pc?

It's highly unlikely this is the only group to abuse this exploit and it sounds like it could just as easily be applied to nearly any other piece of software.

 

[1_rick]

"The initial stage of the infection, which is kickstarted via a malicious attachment sent in an email to the victim"

Uh-huh.

 

[pjkrojcer]

Yeah straight up, from what I gather, you need to infect your PC first via clicking on the attachment. So, uhh, don't open attachments from people you don't know?

 

[Albert_15]

* gets an email saying "see attached file for instructions on how to mitigate this attack"

 

[Larmo-Ct]

I get the impression from this article. That SandboxEscaper was a jerk, by releasing this info before informing Microsoft of this/these exploits, and telling the world about it. But the most important question I have is. Does the Microsoft Sept. 11 patch, address all of the hacks mentioned in the article?? Thanks in advance for any responses. ????