Moneycontrol PRO
LAMF
LAMF

Microsoft patches vulnerability in Windows 7 and above that hackers were exploiting

The flaw called Follina let hackers infiltrate systems using system applications like Microsoft Word
June 16, 2022 / 15:56 IST
Software,Development,,Internet,Technology,,Iot,Concept.,Double,Exposure,,Man,Coding

Microsoft has released a patch from Windows versions 7 and up, that fixes a critical security flaw called Follina, that let hackers take over systems using applications like Microsoft Word.

The Redmond technology giant has now patched the issue, and released a cumulative June 2022 update that addresses the flaw.

As spotted by Bleeping Computer, Microsoft has urged customers to install it and update their systems, "as soon as possible," stating that customers, "install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action."

This flaw has been actively exploited, and gives threat actors the ability to run malicious code, and take control of programs installed on the device. They can also create and delete Windows accounts.

Surprisingly as Vulnerability Analyst at CERT/CC, Will Dormann found out the patches are listed as released in May, despite it being only two days since they were put out. He also notes that that it still possible to make the machine vulnerable to the flaw using a registry hack.

It's highly recommended that you download and install this patch as soon as possible, this is a known and actively exploited flaw that has been used by Chinese hackers to infiltrate the Tibetan administration.

Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

Moneycontrol News

Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

Subscribe to Tech Newsletters

  • On Saturdays

    Find the best of Al News in one place, specially curated for you every weekend.

  • Daily-Weekdays

    Stay on top of the latest tech trends and biggest startup news.

Advisory Alert:

It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347