Windows security updates have been causing problems for the past few months. However, this new update is more than recommended. This June patch from Microsoft fixes a major bug that can be used to infect all versions of Windows that the company still supports.
Known as Follina, the zero-day vulnerability typically uses malicious Word documents to take control of Microsoft Support Diagnostic Tool (MSDT).
The app itself is unable to detect the threat until it is too late, leaving hackers free to execute a variety of dangerous commands.
In a recent case in Tibet, evidence was found that Follina was being used to install programs, create user accounts and modify data stored on the target device, often without the knowledge of the user.
As Bleeping Computer has also discovered, it can be extended to collect various personal data, from browser passwords to email information.
The vulnerability is not limited to Asia, as there is evidence of Phishing similar in the United States and Europe. They currently target government agencies, but there’s no reason to think they won’t expand to consumer devices.
Proofpoint blocked a suspected state-aligned phishing campaign targeting less than 10 Proofpoint customers (European government and local US government) attempting to exploit #Follina / #CVE_2022_30190.
– Threat Analysis (@threatinsight)
June 3, 2022
The problem was discovered at the end of May and Microsoft was quick to recommend various solutions. But two weeks later, the company released a more formal update that invites everyone to download it. It is version KB5014699 on Windows 10, but KB5014697 on Windows 11.
To install it, just go to ‘Settings > Update & Security’ and click on ‘Check for updates’. You may need to clear pending updates for them to show up, but you don’t need to install Windows 11 first if you still have Windows 10. Even though automatic updates are activated, it is always worth making sure that the latest version is installed. .
With several devices already affected by the vulnerability, it is worth patching as soon as possible to protect vital information from hackers. the Pirates.