Khaberni - Microsoft warned against hackers exploiting critical security vulnerabilities in both Windows and Office systems, which could allow malicious attacks on users' devices.
The company announced the repair of a set of critical security vulnerabilities in both the Windows and Office systems after these vulnerabilities became actively exploited by cybercriminals targeting user devices and executing malicious attacks.
The updates released by the company in recent days include fixes for more than 50 vulnerabilities, including 6 of a type that do not require any user intervention.
One-click attacks
Microsoft explained that some of the announced vulnerabilities are exploited in relatively simple ways, allowing attackers to plant malicious software or breach systems by simply having the user click on a malicious link or open an infected file in Office.
These attacks involve minimal interaction from the victim, but their consequences can be severe, as they allow the execution of commands on targeted devices without the user’s knowledge.
Microsoft also listed another vulnerability affecting the old Internet Explorer, which enables attackers to plant malicious code using links or modified HTML files.
Besides, there is a vulnerability in Microsoft Office that can be exploited when carefully opening a targeted file, making it a real danger especially in work environments that rely on Word or Excel documents for file exchange.
Rare and dangerous
Security experts have described some of these vulnerabilities as rare and dangerous, especially those that allow the execution of commands with a single click, a feature exploited by hackers to circumvent traditional protection mechanisms.
The Patch Tuesday updates and safety recommendations released by Microsoft this month addressed 58 to 60 security flaws, including 6 defects that were already in exploitation before a fix was available.
Security reports clarify that the rapid deployment of updates is crucial to prevent further exploitation, especially since some technical details about the exploitation method were published publicly, which may encourage more attackers to use these flaws.
Microsoft is urging users and IT teams to update their systems and Office applications without delay, and to install the available patches to protect against potential risks.
Increasing danger
This warning coincides with alerts from international security agencies confirming an increase in malicious software attacks and the exploitation of vulnerabilities to breach vital sectors, including governments and major companies.
With details about vulnerabilities available online, the risk of broader attacks is increasing, making stringent security standards and system updates a priority for both institutions and individuals alike.
