Earlier today Microsoft disclosed a vulnerability (named “Follina”) in the Microsoft Support Diagnostic Tool (MSDT). The vulnerability can be exploited by cybercriminals sending a URL to a vulnerable machine. Successful exploitation allows cybercriminals to install programs, view or change data, or create new accounts in line with the victim’s user permissions.
Victims may be deceived into opening documents using email attachments, social media links, file downloads or other creative delivery methods.
We are aware that Australian organisations have actively been targeted.
Since this is currently a zero-day vulnerability, there is no patch available yet. Here is how to safeguard your organisation:
Update as of June 15: Microsoft have fixed the Follina zero-day flaw in Windows. The update included security updates to address 55 vulnerabilities. It is strongly recommended to install the updates to be fully protected from the vulnerability.
The CyberUnlocked team are here to help, call us today on 1300 901 835.