- Microsoft Confirms ‘Follina’ causing problems in Microsoft Office
- The Follina zero-day vulnerability has also impacted Office 2013 version.
- Instead of a security fix, Microsoft has released guidance to stay safe from Follina
A new virus has been identified as a new zero-day vulnerability in Microsoft Office. It allows hackers to apply a code using an infected Word document. The security issue is known as Follina which hits the user system when they open defaulted Word files. The independent research group named nao_sec has reported this fault.
The Tokyo-based cybersecurity research organization has said about the Follina vulnerability. This was reported by them on their Twitter handle. According to the tweet, the security fault is allowing Microsoft Word file to apply code – Follina. Even if Macros which are used to give commands for automated tasks are disabled. Meanwhile, hackers are using sensitivity for similar automation with Macros.
Microsoft Security Response Center replied on Office vulnerabilities on Monday and said that if a hacker starts using this vulnerability, they can install programs or applications and misuse, view, or delete data. They can also create new accounts using ‘user rights’ and personal information.
Before this, Microsoft Office versions 2013 and 2021 have been found most likely to get attacks. In some cases even licensed versions of Microsoft 365 were also affected on Windows 10 and 11.
Kevin Beaumont, Researcher, and former Senior Threat Intelligence Analyst at Microsoft examine the tweet from nao_sec and said, “I’m surprised to see that, infected files are using Microsoft Support Diagnostics Tool to execute the code.” Till now no security update or rule is available for Follina. Instead of that, the company’s security response center team has released a set of guidelines to deal with Follina.
The company has said that the best way to cope with this vulnerability is to disable the Microsoft Support Diagnostics Tool (MSDT) URL protocol.
This can be done in two easy steps given below-
- Switch to Administrator and run Command Prompt.
- Execute command ‘reg export HKEY_CLASSES_ROOT\ms-msdt filename’ to back up the registry key.
If users are using Microsoft Defender Antivirus, they should turn on automatic sample submission and cloud-delivered protection. It will identify the unknown threats and stop them.