Microsoft warned of a new series of attacks that try to hijack the system to update a popular software program to spread malicious software on computers owned by financial organizations and payment services.
The company did not disclose the name of the program that was attacked, but revealed it was a very popular editing application, adding that its manufacturer is also experiencing a number of attacks.
This new series of attacks was detected by Windows Defender Advanced Threat Protection, which revealed that the target company was not aware of the issue.
By doing hijacking for the software update system, the hacker enables the deployment of an executable file on the target machines which was then used to obtain remote access privileges and thereby gain full control over their targets.
Microsoft says third-party software developers must improve the security of their update mechanism, adding that strong encryption is essential because of the increasing number of attacks trying to hijack these systems.
The company said it is now working with the company's parent company to solve the problem and improve its security mechanisms
Comments
Post a Comment