Phishing Email Alert
Phishing Email Alert
- Cybercriminals are actively sending deceptive Microsoft Word files containing enticing content to the email address dopinformation@gov.mm.gov-org.com, with the intention of pilfering sensitive information.
- Opening the attached Microsoft Word files may pose a security threat due to a vulnerability in Microsoft Office, specifically CVE 2022-30190. This could lead to the download of HTML or RTF files containing malicious code from mmcert-org-mm.downloaded.com and other harmful websites. Exploiting the security vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), attackers could potentially take control of the victim's entire computer, resulting in data theft and potential system damage.
- Windows systems that remain vulnerable include non-updated versions of Windows Server 2022/2019/2016/2012 & 2012 R2/2008 R2, Windows 11/10/8.1, and Windows 7 Service Pack 1.
- Microsoft addressed the security vulnerability CVE 2022-30190, related to the Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution, with an update released in June 2022.
- Users of Microsoft Windows and Microsoft Office are strongly advised to regularly update their operating systems and software. Additionally, maintaining up-to-date antivirus software is crucial to safeguard against potential cyber attacks.
Myanmar Computer Emergency Response Team (Myanmar CERT)