Microsoft Releases a Windows Update to Fix 'Follina' Vulnerability Actively Exploited by Hackers

Shortly after the vulnerability became public, China-backed hackers were able to exploit it to target some Tibetan users.

Advertisement
By Jagmeet Singh | Updated: 16 June 2022 14:25 IST
Highlights
  • Microsoft has made the update for users on Windows 7 and later
  • Windows update fixes the issue impacting MSDT component
  • Microsoft was first made aware about the vulnerability in April

Microsoft has urged Windows users to install the update

Photo Credit: Reuters

Microsoft has finally released a Windows security fix for the vulnerability that has actively been exploited by hackers. The issue, which was named "Follina" by security researchers, was publicly disclosed last month, though it was initially reported to the Redmond company in April. It enables attackers to hack Windows PCs using a maliciously crafted Microsoft Word document. The security update is available for users on Windows 7 and later. Microsoft has urged users to install the update "as soon as possible" to restrict attackers from gaining access to their systems.

Windows users should install the update by going to the Settings. The update has also been released for systems that are configured to receive automatic updates, Microsoft said in an update to its security advisory.

"Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability," the company noted.

Advertisement

As reported last month, the security issue, which has been tracked as CVE-2022-30190, was disclosed on Twitter by Tokyo-based cybersecurity researcher team Nao_sec. It initially appeared to be impacting Microsoft Office, though Microsoft acknowledged that the flaw was related to Microsoft Diagnostic Tool (MSDT) that comes preloaded on Windows operating system.

Advertisement

Attackers would be able to exploit the vulnerability by executing PowerShell commands and eventually gain control of the MSDT.

Shortly after it became public, the severe vulnerability was found to be exploited by China-based hackers by using malicious Word documents to Tibetan users. When the documents are accessed, the attackers would be able to leverage the exploit to gain MSDT access and run tasks including installation of certain programs or creation of new user accounts.

Advertisement

As reported by Bleeping Computer, the latest update doesn't restrict Microsoft Office from loading Windows URI handlers without user interactions. It, however, limits attackers to get the control of MSDT by executing PowerShell commands.

The security update is available to all users who have a system running Windows 7 or later. Windows 10 versions have received it as KB5014699, while the update is available as KB5014697 on Windows 11 systems.

This week on Orbital, the Gadgets 360 podcast, we discuss the Surface Pro 8, Go 3, Duo 2, and Laptop Studio — as Microsoft sets a vision for Windows 11 hardware. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.

Further reading: Windows update, Microsoft, Windows vulnerability, Follina vulnerability, Follina, Windows
Elista Smart LED TV Lineup Launched in India, Powered by webOS TV: Price, Specifications
OnePlus 10T New Renders Leak Online; Suggest Design Specifications, Colour Options
Advertisement

Related Stories

Microsoft Releases Final Windows 10 Update With Bug Fixes, Security Patches; 'Big' Windows Announcement Teased
15 October 2025
Microsoft Ends Windows 10 Support Today: Here are Five Things to Know
14 October 2025
How to Update to Windows 11 Before Microsoft Ends Windows 10 Support on October 14: A Step-by-Step Guide
13 October 2025
Microsoft's Xbox Full-Screen Experience Leaks on Other Windows Handhelds Ahead of ROG Xbox Ally Debut
18 September 2025
Microsoft Fixes One Zero-Day Vulnerability, 136 Other Flaws With July 2025 Windows Security Update
9 July 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Samsung Galaxy S26 Ultra Tipped to Launch With These Camera Improvements
  2. Redmi Pad 2 Pro 5G Price Range, Chipset Revealed Ahead of Launch in India
  3. Vivo X300 Ultra Design, Display Details Surface Ahead of China Launch
  4. iQOO Z11 Turbo Confirmed to Launch in These Four Colourways in China
  5. LG OLED G6, LG OLED W6 Could Launch With New Hyper Radiant Panels in 2026
  6. Samsung Galaxy S26, Galaxy S26 Ultra Spotted in Leaked Hands-On Images
  7. Moto X70 Air Pro Teaser Confirms AI Focus and Pro Upgrade
#Latest Stories
  1. NASA to Preview Upcoming ISS Spacewalks Focused on Solar Array Upgrades in January 2026
  2. New Study Explains Why Earth’s Poles Are Heating Up at an Alarming Rate
  3. Kumki 2 OTT Release Date: When and Where to Watch This Tamil Movie Online?
  4. The Demon Hunter OTT Release Date: When and Where to Watch it Online?
  5. A Legacy of Mettle: The Bharat Benz Story Now Streaming Online: Know Where to Watch it Online
  6. Members Only: Palm Beach Season 1 Streaming on Netflix: Everything You Need to Know About This Show
  7. Samsung Galaxy S26, Galaxy S26 Ultra Design Spotted in Leaked Hands-On Images
  8. Hotels Shift Focus to Loyalty Programmes to Challenge AI Agents, Booking Platforms: Report
  9. AI Impact Summit 2026: MeitY Says AI Should Not Be Controlled by Small Set of Companies
  10. Moto X70 Air Pro to Launch in China Soon; Could Feature Periscope Telephoto Camera, Snapdragon Chipset
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.