That should be reported to US Homeland Security. It needs to be examined for backdoor vulnerability. Now that the Western world is semi at war with Russia, you can't ignore this sort of thing any more.
Right now, anything that can affect running systems from the outside has to be viewed as an attack vector. It would be a good idea for anyone running anything critical or semi-critical to turn off all remote updates for a few months.
Right now, anything that can affect running systems from the outside has to be viewed as an attack vector. It would be a good idea for anyone running anything critical or semi-critical to turn off all remote updates for a few months.