Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Microsoft releases urgent Office patch. Russian-state hackers pounce.

⁨164⁩ ⁨likes⁩

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨return2ozma@lemmy.world⁩ to ⁨technology@lemmy.world⁩

https://arstechnica.com/security/2026/02/russian-state-hackers-exploit-office-vulnerability-to-infect-computers/

source

Comments

Sort:hotnewtop
  • m3t00@piefed.world ⁨3⁩ ⁨weeks⁩ ago

    no worries copilot has screenshots

    source
    • Tramort@programming.dev ⁨3⁩ ⁨weeks⁩ ago

      That’s so fucking on target

      source
    • WhyJiffie@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago

      and onedrive has all your documents too in original form

      source
  • FiniteBanjo@feddit.online ⁨3⁩ ⁨weeks⁩ ago

    Slopper companies like MS, Google, and Spotify are all having massive vulnerabilities. I wonder why.

    source
    • Zink@programming.dev ⁨3⁩ ⁨weeks⁩ ago

      It sounds like they’ve gotten fat, rich, and complacent. Just like some societies I know!

      source
    • timewarp@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      Vibe coding. Overuse of H-1B visas. Microsoft specifically seems to rely a lot on foreign workers because a lot of them will do whatever their employer asks without question because their employer has a lot of control over whether they are even allowed in the US.

      source
      • very_well_lost@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

        Overuse of H-1B visas.

        It’s literally a system of indentured servitude and corpos are just free to abuse it with impunity.

        source
    • WhyJiffie@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago

      Obviously the problem is that office was not written in a safe language. rewrite office in rust!

      source
      • dejpivo@lemmings.world ⁨3⁩ ⁨weeks⁩ ago

        I genuinely wonder if rust helps guarding against slop coding vulnerabilities, at least statistically.

        source
        • -> View More Comments
    • ILikeBoobies@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago

      Don’t forget Linux.

      (XZ not technically Linux)

      source
  • Australis13@fedia.io ⁨3⁩ ⁨weeks⁩ ago

    Rather impressive how quickly the hackers reverse-engineered Microsoft's patch and used the vulnerability whilst the opportunity was still available:

    The threat group, tracked under names including APT28, Fancy Bear, Sednit, Forest Blizzard, and Sofacy, pounced on the vulnerability, tracked as CVE-2026-21509, less than 48 hours after Microsoft released an urgent, unscheduled security update late last month, the researchers said. After reverse-engineering the patch, group members wrote an advanced exploit that installed one of two never-before-seen backdoor implants.

    source
    • frongt@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago

      And this is why quickly applying security updates is important.

      source
      • Prove_your_argument@piefed.social ⁨3⁩ ⁨weeks⁩ ago

        Who needs a maintenance window or to test updates? Just roll the dice constantly.

        source
      • Damage@feddit.it ⁨3⁩ ⁨weeks⁩ ago

        Yeah if your OS is a fucking sieve

        source