Experts from Microsoft’s security department said that operating systems released after Windows 7 contain a piece of code that under certain conditions can pose a threat to the user. A bug called Follina is used by cybercriminals to hack into the system through Microsoft Word.
The problem first became known in late May, and now, after a series of experiments, the threat has finally been confirmed. Microsoft says the vulnerability was used by Chinese hackers to hack into computers of Beijing’s political opponents.
In particular, malicious Word documents were sent to recipients in Tibet. When opening the file, the virus uses the Follina exploit to gain control of the Microsoft Diagnostic Tool (MSDT) to execute commands. This path gives remote access to third parties who can create new accounts, make changes to programs, or inadvertently download personal daily files from your hard drive.
In addition, the exploit was used during cyberattacks and phishing campaigns against American and European government agencies. Therefore, users are encouraged to enable automatic system updates so that the OS removes the dangerous part of the code online.