Microsoft has patched a serious Windows bug that allowed China government-backed hackers, who previously targeted the Tibetan government-in-exile based in Dharamshala, to actively exploit it in Microsoft Office to steal and delete users’ data.
According to cyber-security firm Proofpoint, the newly-discovered zero-day vulnerability titled ‘Follina’ in Microsoft Office was being exploited by advanced persistent threat (APT) group ‘TA413’ linked to the Chinese government.
“Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability,” Microsoft said in its latest advisory on Wednesday.
“Customers whose systems are configured to receive automatic updates do not need to take any further action,” the company added.
Microsoft has finally released a fix for ‘Follina’, a zero-day vulnerability in Windows that’s being actively exploited by state-backed hackers.
The ‘Follina’ zero-day vulnerability was initially flagged to Microsoft in April.
‘Follina’ affected Microsoft Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365.
“An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programmes, view, change, or delete data, or create new accounts in the context allowed by the user’s rights,” alerted the company.
The US Cybersecurity and Infrastructure Security Agency has also asked system administrators to implement Microsoft’s guidance for mitigating exploitation.
Chinese hackers have a long history of using software security flaws to target Tibetans.