New Delhi, June 16 (SocialNews.XYZ) Microsoft has patched a serious Windows bug that allowed China government-backed hackers, who previously targeted the Tibetan government-in-exile based in Dharamshala, to actively exploit it in Microsoft Office to steal and delete users' data.
According to cyber-security firm Proofpoint, the newly-discovered zero-day vulnerability titled 'Follina' in Microsoft Office was being exploited by advanced persistent threat (APT) group 'TA413' linked to the Chinese government.
"Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability," Microsoft said in its latest advisory on Wednesday.
"Customers whose systems are configured to receive automatic updates do not need to take any further action," the company added.
Microsoft has finally released a fix for 'Follina', a zero-day vulnerability in Windows that's being actively exploited by state-backed hackers.
The 'Follina' zero-day vulnerability was initially flagged to Microsoft in April.
'Follina' affected Microsoft Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365.
"An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programmes, view, change, or delete data, or create new accounts in the context allowed by the user's rights," alerted the company.
The US Cybersecurity and Infrastructure Security Agency has also asked system administrators to implement Microsoft's guidance for mitigating exploitation.
Chinese hackers have a long history of using software security flaws to target Tibetans.
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz