When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. Our Privacy Notice explains more about how we use your data, and your rights. You can unsubscribe at any time.
Windows 10 users are being urged to download the very latest security updates without delay. The warning comes after a major security threat was discovered that could leave fans of this operating system at risk from serious cyber attacks. The new vulnerability, which has just been disclosed by the team at Check Point Research (CPR), affects all Microsoft Office suite products, including Excel, Outlook and Office.
If exploited, via a simple malicious Excel file, it could hackers access to vital parts of a victims PC.
CPR says that, since the entire Office suite has the ability to embed Excel objects, this broadens the threat vector, making it possible to execute such an attack on almost any Office software, including Word, Outlook and others.
Luckily, the issue has now been fixed after CPR disclosed its research findings to Microsoft.
All of the vulnerabilities will be blocked today, as part of Microsoft’s Patch Tuesday, so it’s vital that Windows 10 users make sure their PCs are fully up to date with the very latest software.
Microsoft announce the Windows 10 update
Here are the updates that you need to install to make sure your computer is safe.
CVE-2021-31174 • CVE-2021-31178 • CVE-2021-31179 • CVE-2021-31939.
Explaining more about the attack Yaniv Balmas, Head of Cyber Research at Check Point Software, said: “The vulnerabilities found affect almost the entire Microsoft Office ecosystem. It’s possible to execute such an attack on almost any Office software, including Word, Outlook and others.
“We learned that the vulnerabilities are due to parsing mistakes made in legacy code. One of the primary learnings from our research is that legacy code continues to be a weak link in the security chain, especially in complex software like Microsoft Office.
“Even though we found only four vulnerabilities on the attack surface in our research, one can never tell how many more vulnerabilities like these are still laying around waiting to be found. I strongly urge Windows users to update their software immediately, as there are numerous attack vectors possible by an attacker who triggers the vulnerabilities that we found.”
If you are concerned about this new vulnerability the here’s how to update your PC.
1.Select the Start button, then select Settings > Update & security > Windows Update.
2.If you want to check for updates manually, select Check for updates.
3.Select Advanced options, and then under Choose how updates are installed, select Automatic (recommended).
Source: Read Full Article