Microsoft has confirmed that Windows is affected by a zero-day vulnerability after researchers warned of exploitation in the wild.

The security hole, now tracked as CVE-2022-30190, came to light after a researcher who uses the online moniker “nao_sec” reported finding a malicious Word file designed to execute arbitrary PowerShell code. The file was uploaded to VirusTotal from Belarus.

Reposted from: SecurityWeek