Microsoft has finally released a Windows security fix for vulnerabilities exploited by hackers. The issue, dubbed “Folina” by security researchers, was made public last month, although it was initially reported to the Redmond Company in April. It enables attackers to hack Windows PCs using a maliciously created Microsoft Word document. Security updates are available for Windows 7 and later users. Microsoft has urged users to install the “as soon as possible” update to prevent attackers from gaining access to their systems.
Windows users should go to settings and install the update. The update has also been released for systems configured to receive automatic updates, Microsoft said in an update. Security Advisor.
“Microsoft strongly recommends that customers install updates to be fully protected from vulnerabilities,” the company noted.
The security issue, reported last month, tracked as CVE-2022-30190, was revealed on Twitter by the Tokyo-based cybersecurity research team Nao_sec. This initially appeared to be affecting Microsoft Office, although Microsoft acknowledged that the error was related to the Microsoft Diagnostic Tool (MSDT) that was pre-loaded on the Windows operating system.
Attackers will be able to exploit vulnerabilities by executing PowerShell commands and eventually gain control of MSDT.
Soon after it became public, China-based hackers were seen exploiting serious vulnerabilities by using malicious Word documents to Tibetan users. When documents are accessed, attackers will be able to take advantage of exploits to gain access to MSDT and run tasks including installing certain programs or creating new user accounts.
As Report By Blipping Computer, the latest update does not restrict Microsoft Office to loading Windows URI handlers without user interaction. However, it limits attackers from gaining control of MSDT by executing PowerShell commands.