Microsoft confirms that ‘Follina’ is creating issues in Office.

Bibliometric Details: Issue No: 6 | Issue Month:June | Issue Year:2022
Story Highlights
  • Office 2013 was likewise affected by the Follina zero-day vulnerability.
  • Instead of a security patch, Microsoft has issued advice on how to protect yourself from Follina.

As a result of a new zero-day vulnerability in Microsoft Office, a new virus has been discovered. It allows hackers to inject code into a Word document that has been compromised. Follina is a security flaw that affects users’ systems when they open basic Word files. This flaw was discovered by the independent research group nao sec.

The Follina vulnerability, according to the Tokyo-based cybersecurity research company. They reported this on their Twitter account. The security flaw, according to the tweet, allows Microsoft Word files to apply code – Follina. Even if Macros are deactivated, which are used to deliver commands for automatic tasks. Meanwhile, hackers are leveraging sensitivity to automate Macros in a similar way.

On Monday, the Microsoft Security Response Center responded to Office vulnerabilities, stating that if a hacker exploits this flaw, they would be able to install programmes or apps and abuse, read, or erase data. They can also exploit ‘user rights’ and personal information to establish new accounts.

Previously, Microsoft Office versions 2013 and 2021 were shown to be the most vulnerable to assaults. On Windows 10 and 11, even licenced versions of Microsoft 365 were impacted in some circumstances.

“I’m astonished to notice that, infected files are using Microsoft Support Diagnostics Tool to execute the malware,” Kevin Beaumont, Researcher and former Senior Threat Intelligence Analyst at Microsoft, remarked in response to nao sec’s tweet. Follina has yet to get a security upgrade or rule. Instead, the company’s security response centre staff has issued a set of Follina-related advice.

The easiest approach to deal with this issue, according to Microsoft, is to disable the Microsoft Support Diagnostics Tool (MSDT) URL protocol.

This can be done in two easy steps given below-

  • Switch to Administrator and run Command Prompt.
  • Execute command ‘reg export HKEY_CLASSES_ROOT\ms-msdt filename’ to back up the registry key.

If users are using Microsoft Defender Antivirus, they should turn on automatic sample submission and cloud-delivered protection. It will identify the unknown threats and stop them.

Content Protection by

Back to top button