Latest News

Alert background

Earlier today Microsoft disclosed a vulnerability (named “Follina”) in the Microsoft Support Diagnostic Tool (MSDT). The vulnerability can be exploited by cybercriminals sending a URL to a vulnerable machine. Successful exploitation allows cybercriminals to install programs, view or change data, or create new accounts in line with the victim’s user permissions.
 
Victims may be deceived into opening documents using email attachments, social media links, file downloads or other creative delivery methods.
 
We are aware that Australian organisations have actively been targeted.


How do I stay secure?

Since this is currently a zero-day vulnerability there is no patch available yet. Here is how to safeguard your organisation:

  • Caution your users to be extra observant when opening any attachments, particularly Microsoft Office documents.
  • Follow  Microsoft's guidance on implementing a workaround.
  • Once a patch is available, apply it immediately.


Update as of June 15: Microsoft have fixed the Follina zero-day flaw in Windows. The update included security updates to address 55 vulnerabilities. It is strongly strongly recommended to install the updates to be fully protected from the vulnerability.


Need help?

The CyberUnlocked  team are here to help, call us today on 1300 901 835.

More CyberUnlocked Blogs

A diagram of a road showing the stages of a cyber security compliance journey.

Cyber Security Compliance: Everyone’s Starting Line is Different

by Sarah McAvoy 23 May 2025
At CyberUnlocked, I often step into the role of a Compliance Coach. It is not just about frameworks and documentation. It is about supporting businesses as they build capability. What many need most is: Encouragement to keep going, even when it gets tough Guidance that fits their maturity, industry and supply chain expectations A sounding board to help balance ambition with business reality
interview with intergy 2

Sarah McAvoy at Intergy Consulting for crucial cyber security posture and mitigate risks of cyber-attack

by CyberUnlocked 25 February 2025
In the second part of our interview with Intergy Consulting, our founder, Sarah McAvoy from CyberUnlocked, explained the most critical cyber security measures that businesses can take today to enhance their security posture and mitigate risks of cyber-attack. Watch the full video to gain expert insights on how to protect your organisation from modern cyber security challenges!
Cover for Genea Cyber Attack

Genea Cyber Attack: Key Lessons and Essential Cyber Security Strategies for Healthcare

by Sarah McAvoy 24 February 2025
The Genea incident serves as a stark reminder of the evolving cyber threats facing the healthcare sector. By adopting comprehensive cyber security strategies and fostering a culture of vigilance, organisations can better protect themselves and their patients from future attacks.