advertisement
Facebook
X
LinkedIn
WhatsApp
Reddit

Microsoft shares update that addresses 66 security issues including a zero day vulnerability

It is turning into a week for patches to zero day vulnerabilities, as Microsoft has followed Apple with one of its own extensive security updates.

This particular one included fixes for 66 different security issues, including one that aimed to use Office files to deliver malicious ActiveX controls.

Microsoft issued a warning regarding the opening of any unknown or mysterious Office files to users a few days ago, after security researchers had alerted the company that bad actors were actively exploiting the vulnerability.

Unpacking how the exploit worked, Microsoft explained that once users were tricked into opening the file, it would automatically launch a page on Internet Explorer, which contained an ActiveX control that downloads malware onto the victim’s computer.

If you are thinking Windows Defender will do the trick, at the time it issued the warning, no fix was in place, so it is best to download the newly released update, especially if you are an active Office user.

The exploit, which is classified as CVE-2021-40444 by Microsoft, is said to affect Windows Servers from version 2008, as well as devices running Windows 7 to Windows 10, which is a rather large group of customers, both commercial and enterprise.

Given that a further 65 vulnerabilities are being addressed in this update, downloading and installing it should be a no brainer for those running any of the above mentioned operating systems or the Office suite.

Further details on the update, can be found here.

[Image – Photo by Matthew Manuel on Unsplash]

advertisement

About Author

advertisement

Related News

Subscribe to
our newsletters

[mailpoet_form id=”1″]