Microsoft is urging all Windows users worldwide to install the June update as soon as possible because it addresses a significant security flaw that has already been exploited by malicious actors. Everyone using Windows 7, 10, or 11 should immediately upgrade to the latest software version, which includes this update.
The new version was released after information security researchers discovered a significant security flaw known as Follina a few days ago. They had alerted Microsoft to the vulnerability, but the software giant did not pay attention to their research and disregarded their concerns.
Follina is a complex vulnerability that can be exploited through applications such as Microsoft Word. Hackers from China have previously carried out attacks on Tibetans, infecting their computers with malware delivered in Word documents.
The Follina vulnerability gives the attacker the ability to seize control of the Microsoft Support Diagnostic Tool (MSDT), which serves as their portal for accessing the applications on a system, installing new software, and creating new user accounts on a machine that has been compromised. Users of Windows who are using a version other than Windows 10 or Windows 11 are required to apply the appropriate firmware updates, KB5014699 and KB5014697, respectively.
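As an added example (not from the original article or from Microsoft), the following Python code shows one way a defender could flag the behaviour described above: an MSDT process that descends from an Office application, directly or through an intermediate process. The event records, their field names (`pid`, `ppid`, `image`) and the Office process watch list are assumptions constructed for illustration.

```python
# Added example: constructed process-creation records, not real telemetry.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}  # assumed watch list

SAMPLE_EVENTS = [  # constructed; field names (pid, ppid, image) are assumptions
    {"pid": 100, "ppid": 4,   "image": r"C:\Windows\explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\msdt.exe"},
    {"pid": 400, "ppid": 100, "image": r"C:\Windows\System32\msdt.exe"},  # launched from the shell
    {"pid": 500, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 600, "ppid": 500, "image": r"C:\Windows\System32\msdt.exe"},  # via an intermediate process
]

def basename(path):
    """Lower-cased file name of a Windows or POSIX style path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def office_ancestor(pid, by_pid):
    """Walk parent links; return the pid of the first Office ancestor, or None."""
    seen = set()  # guards against cycles caused by inconsistent or reused pids
    current = by_pid.get(pid)
    while current and current["pid"] not in seen:
        seen.add(current["pid"])
        parent = by_pid.get(current["ppid"])
        if parent and basename(parent["image"]) in OFFICE_PARENTS:
            return parent["pid"]
        current = parent
    return None

def find_suspicious_msdt(events):
    """Return (msdt_pid, office_pid) for each msdt.exe with an Office ancestor."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]) != "msdt.exe":
            continue
        ancestor = office_ancestor(e["pid"], by_pid)
        if ancestor is not None:
            alerts.append((e["pid"], ancestor))
    return alerts

if __name__ == "__main__":
    for pid, office_pid in find_suspicious_msdt(SAMPLE_EVENTS):
        print(f"ALERT msdt.exe pid={pid} descends from Office pid={office_pid}")
```

In real telemetry, process IDs are reused over time, so the lookup should be keyed on a per-process unique identifier and a time window rather than on the bare pid.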
As Microsoft has told its users, "Microsoft highly advises that customers apply the patches in order to be completely protected against the vulnerability." It goes on to say that customers whose systems are set up to receive updates automatically do not need to take any further action.
In addition to the incident that we discussed in this post, the Follina exploit has been used in a phishing campaign to target government agencies in both the United States and Europe. During this campaign, a message was sent with an attachment that carried the malware that was used to infect the systems that were being targeted.
Microsoft Office 2013 and subsequent versions, including Office 2021, have been found to be susceptible to the attacks. This was previously revealed by our team. On computers running Windows 10 or Windows 11, some versions of the software that come with a Microsoft 365 license might also contain exploitable security flaws.