A new vulnerability has been discovered for the Microsoft Office Suite named “Follina”. It is triggered by opening malicious MS Office documents. Follina is a zero-day discovery. It does not appear that there are any exploits just yet, but due to the nature of this exploit, attackers will start to utilize it.
“Zero-day” is a recently discovered security vulnerability that hackers can use to attack systems. “Zero-day” refers to the fact that the vendor or developer [Microsoft] has only just learned of the flaw – which means they have “zero days” to fix it.
Patching the Vulnerability
Microsoft has yet to release an update to patch Microsoft Office. Once a patch is made available, powersolution will push install it via our background management tools. In conjunction with monitoring for an official Microsoft patch, powersolution is utilizing the tools that we have at our disposal, We leverage security solutions such as our ThreatOps, Managed Antivirus, Secure Global Network, and Enhanced Email Security solution, to help protect our clients.
Microsoft’s Official details on the CVE are below:
What you need to know:
- This vulnerability is triggered by opening malicious Office documents.
- Threat actors may deceive victims into opening these documents using email attachments, social media links, file downloads, or other creative delivery methods.
- Don’t panic over this. Yes, this vulnerability makes it easier for hackers to gain access to your network. However, malicious documents are a familiar attack strategy and vigilant users can turn the tide against these unpredictable threats.
What you can do immediately:
- Be extra observant when opening up any attachments, particularly Microsoft Office documents.
- Never open a document or attachment from an unknown entity. This includes an attachment directly attached through an email or a document received through a URL, such as a OneDrive or Google Drive share.
Please contact powersolution if you would like to discuss this Microsoft Office vulnerability – or, if you have any other IT security questions or concerns. Please call (201) 493-1414