Windows under attack by zero-day flaw — what to do right now

Are you using a Windows PC? Then stop what you’re doing and check that you’re running the latest update, as it fixes some security holes hackers have been actively exploiting.

As Bleeping Computer reports, the security fixes bundled in the June 2022 cumulative Windows Updates seal the zero-day security hole that enabled an exploit dubbed Follina (CVE-2022-30190).

The security flaw is a remote code execution bug in the Microsoft Windows Support Diagnostic Tool (MSDT). It allowed hackers to execute arbitrary code within apps that use the tool, and from there to install programs, change or delete data, or create a new Windows account, all with a compromised user’s rights on the affected PC. The bug affects machines running Windows 7 or later.

And according to security researchers from Proofpoint, the bug has been exploited by Chinese hackers who used it to send malicious documents to Tibetans. Furthermore, the bug has been used to target U.S. and European Union government agencies.

So while you may not be the target of potential state-sponsored hackers, other savvy cyber criminals could look to use the exploit on unpatched PCs to cause havoc. That’s why, like Microsoft, we recommend you make sure your PC is patched as soon as possible.

“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action,” said Microsoft.

So if you have automatic updates enabled, there’s a good chance you’re already protected. But if not, you’ll want to ensure you have the latest patch.

To do that, head to the Windows Settings app, navigate to the Windows Update section and you should be told if your PC is up to date, if it needs an update, or in some cases if a restart is needed to apply the update. Make sure you do this to help keep your PC protected from malicious and opportunistic hackers.