Microsoft has finally released a fix for “Follina,” a zero-day vulnerability in Windows that’s being actively exploited by state-backed hackers.

A fix for the high-severity vulnerability - tracked as CVE-2022-30190 - has been released as part of Microsoft’s monthly release of security patches, known as Patch Tuesday. But as noted by cybersecurity firm Sophos, the fix isn’t on the list of patches included in the release - though it has confirmed Follina is now mitigated.

“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability,” Microsoft said in a June 14 update to its original advisory.

The Follina flaw has been exploited by attackers to execute malicious PowerShell commands by way of the Microsoft Diagnostic Tool (MSDT) when opening or previewing malicious Office documents, even if macros are disabled. The vulnerability affects all Windows versions still receiving security updates, including Windows 11, and enables threat actors to view or delete data, install programs and create new accounts on compromised systems.

Cybersecurity researchers first observed hackers exploiting the flaw to target Russian and Belarussian users in April, and enterprise security firm Proofpoint last month said that a Chinese state-sponsored hacking group was exploiting the zero-day in attacks targeting the international Tibetan community.

Follina is now also being abused by a Chinese threat group tagged as TA570 in ongoing phishing campaigns to infect victims with the Qbot banking trojan and in phishing attacks targeting U.S.

The Follina zero-day was initially flagged to Microsoft on April 12. However, a security researcher who goes by the handle Crazyman and was credited with first reporting the vulnerability said in a tweet that Microsoft initially tagged the flaw as not a “security-related issue”.