Windows 10 users should download a crucial new security update that Microsoft just released. For the latest Patch Tuesday, the Redmond-based tech giant released a new update that brings 56 fixes in total. If that wasn’t enough, one of these bugs was given a dreadful zero-day rating, which means the dangerous issue is being actively exploited by hackers.
The flaw, dubbed Follina, allows hackers to exploit a vulnerability in the Windows Support Diagnostic Tool to remotely execute dangerous code on a Windows 10 computer.
The vulnerability is believed to have been exploited since April, with cybercriminals able to install new programs, delete data as well as view and modify it, as well as create entirely new Windows accounts on a compromised PC.
This threat spread via malicious HTML and Word files included in fraudulent emails.
Express.co.uk recently reported this threat, warning Gmail, Outlook, Hotmail and other email users of the danger.
Speaking of the threat, Microsoft said, “An attacker who successfully exploits this vulnerability can execute arbitrary code with the privileges of the calling application.
“The attacker can then install programs, view, modify or delete data, or create new accounts within the scope authorized by the user’s rights.”
Windows and Surface makers have also advised customers to install the latest patch to protect against the threat.
The tech giant said, “Microsoft strongly recommends that customers install updates to be fully protected against the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
The Follina vulnerability, which has been tagged CVE-2022-30190, received a score of 7.8 on the Common Vulnerability Scoring System (CVSS).
The standardized system is used to rate the dangerousness of a vulnerability, with the Follina bug being classified as a “high” threat.
In addition to including a fix for this dangerous bug, the recent Patch Tuesday release also brings three fixes for flaws classified as “critical” danger.
To check if your PC needs to be updated, first click on the Start or Windows button and then go to the Settings screen.
You will then need to choose Update & Security and then click on the Windows Update tab.
Then click on Check for updates. If you have an update available that you can download, it will start downloading automatically.