Reading time: ~2 m
Cybersecurity researchers have discovered a zero-day vulnerability in Microsoft Office, called Follina. It can use the computer with malicious Word documents.
On Twitter, the provider of anti-phishing extensions Wallet Guard said that the vulnerability can be captured under the control of computer victims without opening the file.
This feat is a mountain of feats superimposed on top of each other. Unfortunately, it’s easy to detect and can’t be detected by an antivirus – it was detected in Wallet Guard.
The open attack appeared in the List of Microsoft Office Documents for the Microsoft Diagnostics Tool (MSDT) file handler. Attackers can use phishing or computational engineering to ensure that user keys open an attached file and from that moment on gain access to the entire system of victims.
In response to the vulnerability, Microsoft published guidance along with a security update under CVE-2022-30190. In a blog post, Microsoft acknowledged that a vulnerability had been discovered for the successful installation of programs, viewing, modifying or deleting data or creating new accounts.
Users who use the Microsoft Cloud-Delivered Protection Service have a high security chance, but the preference is to use the MSDT URL protocol as a workaround so that the tools are not used as links.
Wallet Guard experts offer users of Microsoft Defender Attack Surface Reduction (ASR) to include the option “Block all Office applications from creating child processes” in the “Lockdown mode”.
The researchers caution against downloading .doc files, .docx and .rtf, and accept PDFs with other connections.
#Cryptocurrency #owners #risk #vulnerability #Microsoft #Office