Microsoft fixes bug that let Chinese hackers target Windows users
New Delhi: Microsoft has patched a serious Windows bug that allowed China government-backed hackers, who previously targeted the Tibetan government-in-exile based in Dharamshala, to actively exploit it in Microsoft Office to steal and delete users’ data. According to cyber-security firm Proofpoint, the newly-discovered zero-day vulnerability titled ‘Follina’ in Microsoft Office was being exploited by advanced persistent […]
New Delhi: Microsoft has patched a serious Windows bug that allowed China government-backed hackers, who previously targeted the Tibetan government-in-exile based in Dharamshala, to actively exploit it in Microsoft Office to steal and delete users’ data.
According to cyber-security firm Proofpoint, the newly-discovered zero-day vulnerability titled ‘Follina’ in Microsoft Office was being exploited by advanced persistent threat (APT) group ‘TA413’ linked to the Chinese government.
“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability,” Microsoft said in its latest advisory on Wednesday.
“Customers whose systems are configured to receive automatic updates do not need to take any further action,” the company added.
Microsoft has finally released a fix for ‘Follina’, a zero-day vulnerability in Windows that’s being actively exploited by state-backed hackers.
The ‘Follina’ zero-day vulnerability was initially flagged to Microsoft in April.
‘Follina’ affected Microsoft Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365.
“An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programmes, view, change, or delete data, or create new accounts in the context allowed by the user’s rights,” alerted the company.
The US Cybersecurity and Infrastructure Security Agency has also asked system administrators to implement Microsoft’s guidance for mitigating exploitation.
Chinese hackers have a long history of using software security flaws to target Tibetans.
Related News
-
Opinion: NATO must tread wisely in SE Asia
-
Microsoft announces to end support for Cortana on Windows by late 2023
-
Microsoft increases Bing Chat’s turn limit to 30 chats per session
-
Microsoft, Accenture to empower 13 Indian social impact startups
-
WhatsApp to support screen-sharing on Android devices
-
OpenAI expands ChatGPT app availability to iOS users in India
-
Once power-starved, Telangana now self-sufficient
7 mins ago -
Hyderabad: 14 held for holding cock-fighting
26 mins ago -
French Open: Alcaraz thrashes Musetti to reach quarterfinals
47 mins ago -
JEE Advanced results to be out on June 18
1 hour ago -
Protesting wrestlers meet HM Amit Shah, share concerns
1 hour ago -
Telangana govt’s TDR policy a win-win situation for all
2 hours ago -
Series of events showcasing strength, capability of Telangana Police held in Hyderabad
2 hours ago -
Drone show at Durgam Cheruvu leave Hyderabadis spellbound
7 hours ago