This week Microsoft confirmed a new vulnerability dubbed "Follina" that involves Microsoft Office and its Diagnostic Tool.
In terms of vulnerabilities, knowledge can be power.
So, what do you need to know?
Follina is a 0-day attack and there's currently no patch available
This 0-day features remote code execution, which means once the code is detonated, threat actors can elevate their privileges and potentially gain "god mode" access to the affected environment
The mitigations that are available are workarounds that the industry has had minimal time to study the impact of and involve changing settings in the Windows Registry
Detonating this malicious code is as simple as opening up a Word document - in preview mode; or just a hover-preview of a download file without any clicks
How do you safeguard your environment?
Be EXTRA observant and cautious when opening any attachments, especially Microsoft Office documents.
Make sure you know and trust the sender AND the document before hovering or opening any document or attachment.
Overall, don't panic. Yes, this vulnerability makes it easier for hackers to gain access to your network, but malicious documents are a familiar attack strategy. Vigilant users can turn the tide against these unpredictable threats.
As always, if you have questions or concerns regarding Follina or any technology needs feel free to reach out to us!