back to article Microsoft fixes under-attack Windows zero-day Follina

Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities. Follina, eventually acknowledged by Redmond in a security advisory last month, is the most significant of the bunch as it has already been exploited …

  1. Pascal Monett Silver badge
    Windows

    "Disabling macros in, say, Word won't stop this from happening"

    Ah, Borkzilla, the malware gift that keeps on giving.

  2. NoneSuch Silver badge
    Coffee/keyboard

    So when you say you "fixed" it, you mean you rushed out a patch and hope nothing else breaks as a result of your slap-dashery.

  3. carl0s

    Automatic updates

    But what exactly does:

    "Customers whose systems are configured to receive automatic updates do not need to take any further action".

    Is this the Windows equivalent of them saying:

    "Customers using Exchange Online (cloud) do not need to take any action"?

    I see this a lot lately (Microsoft, cloud pushers, and Citrix with their cloud push) and I read it as marketing to drive people to feel safer with cloud services. It makes me cynical.

    I mean, in the case of ProxyLogon, Exchange server has has these flaws for however long, and by the time we get to hear about it and get the patches, they are telling us that cloud users don't need to worry. That's all well and good, but what went on in the months / years before the issue was discovered by the vendor, and more so before it was shared with their customers and on-prem users?

    Anyway back to my original question. Are they saying all users of Windows 8.1, 10 or 11 who have "automatic updates (a.k.a windows update, right? Or not right any more?)" turned on, don't need to worry? Or is there a marketing subtext to that sentence? - i.e. a device management monthly subscription?

    Or am I just over thinking it, or being too cynical?

    1. J. Cook Silver badge

      Re: Automatic updates

      It means that the patch is either already been deployed through the automatic update process, or is in queue.

      And to their credit, Borkzilla does tend to patch their own stuff first.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like