the June 2022 cumulative Windows Updates seal the zero-day security hole that enabled an exploit called Follina (CVE-2022-30190).
The security flaw was in a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution bug, which allows hackers to execute arbitrary code within apps by using the tool, such as installation of programs, change or deletion of data or creation of a new Windows account with a compromised user’s rights on the affected PC.
The bug affects machines running Windows 7 and later.
The bug appears to have been exploited by Chinese hackers to send malicious documents to Tibetans. and also to target U.S. and European Union government agencies.
Other cyber-savvy criminals could use the same exploit on unpatched PCs to cause havoc. so we like Microsoft, recommend that you ensure your PC is patched as soon as possible.
“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action,” said Microsoft.
With automatic updates enabled you should already protected. If not then to ensure you have the latest patch go to the Windows Settings app, navigate to the Windows Update section to see whether your PC is up to date,, or needs an update, or in some cases a restart to apply the update.
Do this to keep your PC protected from malicious and opportunistic hackers.
