No Work From Home? Hackers Target A Critical Bug In All Windows Machines, How To Stay Safe
All versions of Microsoft Windows, including the latest Windows 10, have been found to have a security vulnerability, the company confirmed recently. Despite marking the vulnerability as a ¡°critical¡±, Microsoft does not seem to have any solution for it at the moment.
Previously undisclosed, the security flaw was recently highlighted by Microsoft, also confirming that cyber attackers are already aware of the vulnerability and are taking undue advantage of it.
In an advisory posted by Microsoft on Monday, the security flaw persists in the way the Windows OS renders fonts. In order to exploit the bug, an attacker would try to trick the Windows user into opening a malicious document. Once opened, the document will allow the attacker to run a malware on the system remotely.
The flaw has been marked ¡°Critical¡± by Microsoft as of now, which shows that the bug has the highest severity rating as per the company¡¯s standards. Microsoft also acknowledged that hackers were using the bug for ¡°limited, targeted attacks.¡± The ¡°limit¡±, however, was not revealed by the company.
The advisory posted by Microsoft offers a temporary workaround for the affected Windows users. To all the others, it tends to serve as a warning, at least until a patch for the same is released. You can check out these mitigation options based on the version of your Windows here.
A Work-From-Home Nightmare
In these troubled times with most regions being under lockdown due to the Coronavirus, Work-From-Home is in full swing. A bug like this can prove to be more dangerous than ever before.
As not every Windows user would have the knowhow of the mitigation options for the bug or how to execute them, precautions mentioned by Microsoft might not be followed by everyone. Any infected device resulting from such lack of precautions would also increase the downtime, rendering a Windows user helpless in continuing with his/ her work at home.
Microsoft is expected to come up with a solution for the bug by April 14. Till then, Windows users are advised to be on the lookout for any such cyber attack around the bug and follow the guidelines shared by Microsoft.