## **According to Bkav’s report, currently, there are still nearly 4 million computers in Vietnam at risk of being attacked by viruses because the security patch has not been updated.** Security hole (CVE-2023-21716 ) has near absolute severity (9.8/10), allowing remote code execution on the target device. Taking advantage of the vulnerability, hackers can deploy large-scale virus infection campaigns, thereby taking control of devices remotely, collecting, encrypting data, downloading and executing other viruses. Nguyen Tien Dat, General Director of Bkav’s Malware Research Center, said: “Vulnerabilities of this type are always attractive to hackers because they exist on popular text files. Besides, not everyone knows how to update patches automatically.” Bkav has released a free tool to help users quickly check their computers for vulnerabilities and provide instructions for updating patches. To check for vulnerabilities, download the tool at *Bkav.com.vn/Tool/CVE-2023-21716Scan*, then extract and run the .exe file. At the main interface, users just need to click Check and wait until it’s done. The test will take about 30 seconds or longer depending on the device you are using. If yes, you just need to patch the vulnerability in one of two ways: – Method 1: Update the patch through Windows Update, by going to Settings – Windows Update, find and update the patch. – Method 2: Manually download the patch, by clicking OK in the scan result message to open the official patch download page from Microsoft. Note, before downloading the patch, you need to check the version of Microsoft Office you are using by opening Word or Excel, selecting Account – About Word. Once the version information is available, users just need to go to the Security Updates section, select the patch corresponding to the Microsoft Office version, and finally install.
