top of page

Follina Vulnerability – Microsoft Office Zero Day Threat

A zero-day vulnerability in Microsoft Office was discovered and reported over the weekend that involves remote code execution simply through the opening of a Word document, even in preview.  Microsoft has issued CVE-2022-30190 in response to this flaw, though this bug is generally being referred to as the Follina vulnerability.   When the malicious Word document is opened even in preview, the file executes malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT).  This code works without elevated privileges and is currently evading Microsoft Defender detection.

The following are several blog posts and updates concerning this vulnerability, its functionality, and workarounds in the absence of a patch:


Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

4 views

Recent Posts

See All

Rethinking Software in the Organizational Hierarchy

I very much enjoyed this article from Pieter Danhieux via Dark Reading and this creative approach to the management of applications and hierarchical security. The concept of least privilege and the d

Comments


bottom of page