The software is also often used for support requests and covers a wide spectrum from audio and internet to storage and update issues. For the attack to work, users must run a modified .diagcab file used to troubleshoot Windows. Because of this user interaction, Microsoft is only classifying the issue as “important” and not a critical vulnerability.
An executable file is then added to the autostart, which then automatically runs the next time you reboot and can perform any action on the infected computer. For example, the theft of passwords, the forking of any file or the recording of data traffic would be conceivable. According to Microsoft, all current versions of Windows are affected. Therefore, users must react in time and import the provided updates.