igforum.bio / microsoft-patches-follina-threat-in-latest-patch-tuesday-release-techradar - 265335
H
%Start Microsoft patches Follina threat in latest Patch Tuesday release TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us.
Henry Schmidt Member
access_time 1 minutes ago
%Start Microsoft patches Follina threat in latest Patch Tuesday release TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us.
thumb_up Like (9)
comment Reply (1)
share Share
visibility 534 views
thumb_up 9 likes
comment 1 replies
Z
Zoe Mueller 1 minutes ago
Microsoft patches Follina threat in latest Patch Tuesday release By Sead Fadilpaši&#2...
T
Microsoft patches Follina threat in latest Patch Tuesday release By Sead Fadilpašić published 15 June 2022 Patch Tuesday June 2022 cumulative update is out now (Image credit: TechRadar) Audio player loading… Microsoft has just pushed its June 2022 cumulative update for Windows, including a patch for the dreaded Follina vulnerability. "Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action," Microsoft said in its advisory.
Thomas Anderson Member
access_time 8 minutes ago
Microsoft patches Follina threat in latest Patch Tuesday release By Sead Fadilpašić published 15 June 2022 Patch Tuesday June 2022 cumulative update is out now (Image credit: TechRadar) Audio player loading… Microsoft has just pushed its June 2022 cumulative update for Windows, including a patch for the dreaded Follina vulnerability. "Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action," Microsoft said in its advisory.
thumb_up Like (40)
comment Reply (0)
thumb_up 40 likes
S
Discovered by cybersecurity expert Kevin Beaumont, and dubbed "Follina", the flaw leverages a Windows utility called msdt.exe, designed to run different troubleshooter packs on Windows. The researcher found that when the victim downloads a weaponized Word file, they don't even need to run it, previewing it in Windows Explorer is enough for the tool to be abused (it has to be an RTF file, though).  (opens in new tab) Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab).
Sophie Martin Member
access_time 6 minutes ago
Discovered by cybersecurity expert Kevin Beaumont, and dubbed "Follina", the flaw leverages a Windows utility called msdt.exe, designed to run different troubleshooter packs on Windows. The researcher found that when the victim downloads a weaponized Word file, they don't even need to run it, previewing it in Windows Explorer is enough for the tool to be abused (it has to be an RTF file, though).  (opens in new tab) Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab).
thumb_up Like (31)
comment Reply (0)
thumb_up 31 likes
N
Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
Noah Davis Member
access_time 12 minutes ago
Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
thumb_up Like (18)
comment Reply (0)
thumb_up 18 likes
C
Follina abused in the wild By abusing this utility, the attackers are able to tell the target endpoint (opens in new tab) to call an HTML file, from a remote URL. The attackers have chosen the xmlformats[.]com domain, probably trying to hide behind the similar-looking, albeit legitimate, openxmlformats.org domain used in most Word documents. The HTML file holds plenty of "junk", which obfuscates its true purpose - a script that downloads and executes a payload.  Microsoft's fix doesn't prevent Office from loading Windows protocol URI handlers automatically and without user interaction, but it does block PowerShell injection, thus rendering the attack useless.Read more> Watch out for this dangerous new Microsoft Word scam, Office users warned (opens in new tab) > This dangerous Microsoft Office zero-day is now being exploited in the wild (opens in new tab) > Windows Follina zero-day now being abused to infect PCs with Qbot malware (opens in new tab) As soon as it was discovered, researchers started spotting the flaw being abused in the wild.
Christopher Lee Member
access_time 20 minutes ago
Follina abused in the wild By abusing this utility, the attackers are able to tell the target endpoint (opens in new tab) to call an HTML file, from a remote URL. The attackers have chosen the xmlformats[.]com domain, probably trying to hide behind the similar-looking, albeit legitimate, openxmlformats.org domain used in most Word documents. The HTML file holds plenty of "junk", which obfuscates its true purpose - a script that downloads and executes a payload.  Microsoft's fix doesn't prevent Office from loading Windows protocol URI handlers automatically and without user interaction, but it does block PowerShell injection, thus rendering the attack useless.Read more> Watch out for this dangerous new Microsoft Word scam, Office users warned (opens in new tab) > This dangerous Microsoft Office zero-day is now being exploited in the wild (opens in new tab) > Windows Follina zero-day now being abused to infect PCs with Qbot malware (opens in new tab) As soon as it was discovered, researchers started spotting the flaw being abused in the wild.
thumb_up Like (38)
comment Reply (2)
thumb_up 38 likes
comment 2 replies
N
Noah Davis 19 minutes ago
Among its earliest adopters, allegedly, were Chinese state-sponsored threat actors, mounting cyberat...
I
Isaac Schmidt 9 minutes ago
Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned free...
O
Among its earliest adopters, allegedly, were Chinese state-sponsored threat actors, mounting cyberattacks (opens in new tab) against the international Tibetan community.  "TA413 CN APT spotted ITW exploiting the Follina 0Day using URLs to deliver Zip Archives which contain Word Documents that use the technique," cybersecurity researchers from Proofpoint said two weeks ago. The same company also found Follina being abused by another threat actor, TA570, to distribute Qbot, while NCC Group found it being further abused by Black Basta, which is a known ransomware group.
Oliver Taylor Member
access_time 6 minutes ago
Among its earliest adopters, allegedly, were Chinese state-sponsored threat actors, mounting cyberattacks (opens in new tab) against the international Tibetan community.  "TA413 CN APT spotted ITW exploiting the Follina 0Day using URLs to deliver Zip Archives which contain Word Documents that use the technique," cybersecurity researchers from Proofpoint said two weeks ago. The same company also found Follina being abused by another threat actor, TA570, to distribute Qbot, while NCC Group found it being further abused by Black Basta, which is a known ransomware group.
thumb_up Like (36)
comment Reply (2)
thumb_up 36 likes
comment 2 replies
N
Nathan Chen 1 minutes ago
Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned free...
K
Kevin Wang 4 minutes ago
In his career, spanning more than a decade, he's written for numerous media outlets, including ...
A
Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations).
Audrey Mueller Member
access_time 21 minutes ago
Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations).
thumb_up Like (46)
comment Reply (0)
thumb_up 46 likes
E
In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro?
Emma Wilson Admin
access_time 24 minutes ago
In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro?
thumb_up Like (24)
comment Reply (3)
thumb_up 24 likes
comment 3 replies
D
Dylan Patel 14 minutes ago
Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion,...
H
Harper Kim 8 minutes ago
You will receive a verification email shortly. There was a problem....
Show 1 more replies
A
Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar.
Aria Nguyen Member
access_time 18 minutes ago
Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar.
thumb_up Like (41)
comment Reply (0)
thumb_up 41 likes
E
You will receive a verification email shortly. There was a problem.
Evelyn Zhang Member
access_time 30 minutes ago
You will receive a verification email shortly. There was a problem.
thumb_up Like (16)
comment Reply (3)
thumb_up 16 likes
comment 3 replies
J
Julia Zhang 9 minutes ago
Please refresh the page and try again. MOST POPULARMOST SHARED1RTX 4090 too expensive?...
M
Madison Singh 6 minutes ago
Nvidia resurrects another old favorite2Blizzard made me explain Overwatch 2 smurfing to my mum for n...
Show 1 more replies
R
Please refresh the page and try again. MOST POPULARMOST SHARED1RTX 4090 too expensive?
Ryan Garcia Member
access_time 33 minutes ago
Please refresh the page and try again. MOST POPULARMOST SHARED1RTX 4090 too expensive?
thumb_up Like (16)
comment Reply (1)
thumb_up 16 likes
comment 1 replies
O
Oliver Taylor 29 minutes ago
Nvidia resurrects another old favorite2Blizzard made me explain Overwatch 2 smurfing to my mum for n...
E
Nvidia resurrects another old favorite2Blizzard made me explain Overwatch 2 smurfing to my mum for nothing3Apple October launches: the new devices we might see this month4Google's AI editing tricks are making Photoshop irrelevant for most people5Nvidia RTX 4090 Ti reportedly canned due to sky-high power consumption1Best laptops for designers and coders 2The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me3Stop saying Mario doesn't have an accent in The Super Mario Bros. Movie4iPhone 15 tipped to come with an upgraded 5G chip5Google Pixel Tablet is what Apple should've done ages ago Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)
Ella Rodriguez Member
access_time 12 minutes ago
Nvidia resurrects another old favorite2Blizzard made me explain Overwatch 2 smurfing to my mum for nothing3Apple October launches: the new devices we might see this month4Google's AI editing tricks are making Photoshop irrelevant for most people5Nvidia RTX 4090 Ti reportedly canned due to sky-high power consumption1Best laptops for designers and coders 2The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me3Stop saying Mario doesn't have an accent in The Super Mario Bros. Movie4iPhone 15 tipped to come with an upgraded 5G chip5Google Pixel Tablet is what Apple should've done ages ago Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)
thumb_up Like (42)
comment Reply (2)
thumb_up 42 likes
comment 2 replies
D
Dylan Patel 11 minutes ago
Microsoft patches Follina threat in latest Patch Tuesday release TechRadar Skip to main content Tec...
W
William Brown 10 minutes ago
Microsoft patches Follina threat in latest Patch Tuesday release By Sead Fadilpaši&#2...

Write a Reply

Similar Discussions