Latest News

Alert background

Earlier today Microsoft disclosed a vulnerability (named “Follina”) in the Microsoft Support Diagnostic Tool (MSDT). The vulnerability can be exploited by cybercriminals sending a URL to a vulnerable machine. Successful exploitation allows cybercriminals to install programs, view or change data, or create new accounts in line with the victim’s user permissions.
 
Victims may be deceived into opening documents using email attachments, social media links, file downloads or other creative delivery methods.
 
We are aware that Australian organisations have actively been targeted.


How do I stay secure?

Since this is currently a zero-day vulnerability there is no patch available yet. Here is how to safeguard your organisation:

  • Caution your users to be extra observant when opening any attachments, particularly Microsoft Office documents.
  • Follow  Microsoft's guidance on implementing a workaround.
  • Once a patch is available, apply it immediately.


Update as of June 15: Microsoft have fixed the Follina zero-day flaw in Windows. The update included security updates to address 55 vulnerabilities. It is strongly strongly recommended to install the updates to be fully protected from the vulnerability.


Need help?

The CyberUnlocked  team are here to help, call us today on 1300 901 835.

More CyberUnlocked Blogs

Ransomware Payment Reporting is in effect

Sarah McAvoy Featured on Techpartner, “Waiting until an incident is in progress is too late"

by Cyberunlocked 3 June 2025
Ransomware Payment Reporting is, in effect, making it mandatory to report ransomware payments, and businesses must be prepared; "Deciding whether you would pay a ransom isn’t a crisis decision; it’s a preparedness decision".
Channel Meets Security Sydney 2025 | Sarah McAvoy

Channel Meets Security Sydney 2025

by Sarah McAvoy 30 May 2025
One of the highlights of the evening was the honest and engaging conversations about what clients really expect from their tech partners when it comes to cyber security. It was great to hear different views and share experiences with others in the field.
A diagram of a road showing the stages of a cyber security compliance journey.

Cyber Security Compliance: Everyone’s Starting Line is Different

by Sarah McAvoy 23 May 2025
At CyberUnlocked, I often step into the role of a Compliance Coach. It is not just about frameworks and documentation. It is about supporting businesses as they build capability. What many need most is: Encouragement to keep going, even when it gets tough Guidance that fits their maturity, industry and supply chain expectations A sounding board to help balance ambition with business reality