Microsoft says that a group of hackers linked to the Russian government exploited a newly discovered flaw in its Windows software.
Microsoft was alerted to the flaw by security researchers at Google who also recently discovered a serious vulnerability in Adobe Flash Player.
Adobe has since issued a fix for the vulnerability, while Microsoft has said it is testing a security patch and expects to release it by November 8.
Microsoft officially acknowledge the security flaw in Windows on Tuesday but only after hitting out at Google for going public about the vulnerability.
“Today’s disclosure by Google puts customers at potential risk,” a Microsoft spokesperson told VentureBeat.
Microsoft has said the vulnerability has been exploited by a group called “Strontium” which used it to target a “specific set of customers”.
While Microsoft has not officially identified any victims of the security breach, Terry Myerson, executive vice president of Microsoft’s Windows and Devices Group said in a blog post that hackers sent phishing emails to victims in order to expose the vulnerabilities in both Windows and Adobe Flash.
Strontium are reported to have links to the Russian government and are also known as “Fancy Bear” who are believed to be responsible for recent attacks on the Democratic National Committee, as well as on various governments, media outlets and political figures around the world.