A security flaw affects Windows 11 but Microsoft does not react

Not even afraid.

Microsoft has to deal with a "zero day" vulnerability called Follina which affects Windows 11. It was documented at the end of May by security researcher Nao_sec on a blog post, reports

.

This flaw would allow executing malicious code remotely via a corrupted Office document.

No patch offered by Microsoft

"The attacker can install programs, view, modify, or delete data, or create new accounts within the scope permitted by user rights," Microsoft said in a security bulletin released on May 30.

The Government Center for Monitoring, Alerting and Responding to Computer Attacks (CERT-FR), for its part, indicated that the flaw had already been used by hackers.

Security firm Kaspersky has seen an increase in Follina attacks primarily in the United States, Brazil, Mexico and Russia.

Surprisingly, Microsoft didn't release a patch.

The American firm is content to offer workarounds.

But according to several specialists, these recommendations are insufficient in view of the seriousness of the fault.

“It's hard to understand why Microsoft continues to underestimate this actively exploited vulnerability in the wild.

It certainly does not help the security teams, ”says Jake Williams, cybersecurity expert, according to comments reported by

.

high tech

Millions of Samsung Galaxys affected by a security breach

high tech

War in Ukraine: Anonymous declares cyberwar on Killnet, a collective of pro-Russian hackers

• high tech

• Windows

• Microsoft

• Cybersecurity

• hacker

• cyberattack