Microsoft Corp. released a fix for Windows zero-day flaw exploited by state-backed hackers.
However, cybersecurity firm Sophos noted that the fix did not feature on the list of patches included in the release. However, it confirmed the mitigation of Follina.
Microsoft strongly recommended that customers install the updates for complete protection from the vulnerability.
Hackers exploited the Follina flaw to execute malicious PowerShell commands using the Microsoft Diagnostic Tool while opening or previewing malicious Office documents, the TechCrunch reports. It enables hackers to view or delete data, install programs and create new accounts on compromised systems.
In April, cybersecurity researchers first detected the exploit to target Russian and Belarussian users. In May, Enterprise security firm Proofpoint disclosed that a Chinese state-sponsored hacking group was exploiting the zero-day attacks….