Windows 10 ALERT – Critical bug can let hackers steal YOUR username and password – UK Express, 2018/04/15
Windows 10 fans have been put on alert about a critical bug which lets cybercriminals steal their username and password.
The vulnerability affects Microsoft’s Outlook software, and attackers can take advantage of it to steal Windows login credentials.
A hacker can get access to this sensitive information by convincing a victim to preview a rich text e-mail containing remotely hosted OLE objects.
Later is the article, it mentions a previous bug…
The news comes after last month Windows 10 users were put on alert about another security issue.
The critical vulnerability let cybercriminals exploit Microsoft’s Windows Remote Assistance feature to steal any file from a victim’s computer.
The exploit affected all versions of Windows to date, including Windows 10, Windows 8.1, Windows 7 and Windows XP.
Ahmed explained in a blog post how, for the vulnerability to be exploited, the victim needed to use Windows Remote Assistance to ask for help from another user.
The person who requested assistance then needed to send a file, via e-mail or other means, named “Invitation.msrcincident.” to a third-party.
It’s this file that cybercriminals could then exploit to ensure they had access to victims’ sensitive data.
Ahmed said hackers could trick victims into handing over this file via a mass phishing scam.
Make sure to keep your computer updated. I prefer manual updates rather than automatic, just to keep control over what comes in to your computer. Not all Windows updates are customer friendly.