Watch Out for This Microsoft Office Vulnerability
Security vulnerabilities aren’t fun, especially when they affect products we rely on every day. A new vulnerability, dubbed “Follina,” unfortunately targets a suite of apps you likely use all the time: Microsoft Office.
Follina, which Microsoft has identified as CVE-2022-30190, is a remote code execution vulnerability. When exploited, a bad actor can use this vulnerability to run arbitrary code with privileges. That means, in these cases, a hacker could control your system, install their own programs, and create new accounts, among other attacks.
Hackers exploit this vulnerability using malicious Microsoft Office documents, not unlike how other scams utilize malicious links or files. As per usual, these documents arrive via channels like email, social media, or file sharing, so you will need to be extra careful opening Office documents from these sources. Unfortunately, there is no security patch available at the time of this article, so you must remain on high alert.
What that means for you is this: make sure any Office document sent to you is from someone you know before opening it. Even if you know the “sender,” double-check the message and document has actually come from them, rather than an imposter. Make sure your antivirus software, such as Huntress Managed Antivirus, is active and running, and is fully updated.
So long as you remain vigilant, Follina should not affect you or your system.