Microsoft has blamed the Russian hacking collective called Fancy Bear for exploiting a Windows flaw recently made public by Google.
The company said in a security advisory that a hacking group previously linked to the Russian government and US political hacks has exploited a newly discovered Windows zero-day flaw that was outed by Google earlier this week.
Microsoft said that the hacking group 'Strontium', more commonly known as 'Fancy Bear', had carried out a small number of attacks using spear phishing techniques.
The hackers first compromised Adobe Flash, according to Microsoft, before using a second exploit to target a Windows kernel vulnerability in Vista through to Windows 10. From there, the so-called Fancy Bear hackers were able to install a backdoor on a victim's PC.
Terry Myerson, executive vice president of Microsoft's Windows and Devices division, said: "Recently, the activity group that Microsoft Threat Intelligence calls Strontium conducted a low-volume spear phishing campaign.
"This attack campaign, originally identified by Google’s Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers."
Myerson added that Microsoft "has attributed more zero-day exploits to Strontium than any other tracked group in 2016".
Microsoft said that a patch to protect users against this latest threat will be released on 8 November, but Myerson has advised customers to upgrade to the latest version of Windows 10 to be protected immediately. Because, of course, he did.
"Customers using Microsoft Edge on Windows 10 Anniversary Update are known to be protected from versions of this attack observed in the wild," he said.
Microsoft thanked Google for bringing the vulnerability to its attention, although it was not too pleased that the firm made it public.
"We believe responsible technology industry participation puts the customer first, and requires coordinated vulnerability disclosure," the firm said.
"Google's decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk."
Google, on the other hand, maintained that disclosing known and "actively exploited” vulnerabilities is in the interest of people seeking to secure their systems.
Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features
Using proven technology from wireless, coax and ADSL/VDSL communication
Touts crowding genuine fans out of the market, claims government
Users complain they haven't been able to access their accounts or withdraw money