No, that headline isn’t a joke. Unfortunately, there’s a significant vulnerability that’s actively being exploited in the wild through Internet Explorer and Office, and Microsoft has released a patch to fix it. You need to update your PC to protect it as soon as possible.
We first reported on this issue last week, and now Microsoft has solved the zero-day exploit with a new Windows update.
The exploit used Office files containing malicious ActiveX controls that could grant a threat actor access by simply downloading a file. When the file is opened, it automatically launches a page on Internet Explorer that contains an ActiveX control. It then downloads malware onto the victim’s computer, which can be used for all sorts of things.