Zero Day Office Exploit

A Zero Day exploit, is a bug that hackers are able to take advantage of that has only just been discovered, and therefore there is no patch / fix for yet.

The Bug has been nicknamed “Follina”, Microsoft are now aware of it and will be developing a fix, but in the meantime your computers may be vulnerable. I have already personally received a message today on LinkedIN suggesting that someone has a good project for me, and here is the details - just click on this link !

What you need to know:

• This vulnerability is triggered by opening malicious Office documents.
• Threat actors may deceive victims into opening these documents using email attachments, social media links, file downloads or other creative delivery methods.
• You will likely need to update your endpoints once a security patch is available.?
• Since this is currently a 0-day, there has not yet been a patch released!!?
• Don’t panic over this. Yes, this vulnerability makes it easier for hackers to gain access to your network. However, malicious documents are a familiar attack strategy and vigilant users can turn the tide against these unpredictable threats - a good reason to be providing cyber security training to your staff.

What you can do immediately:

• Caution your users to be extra observant when opening up any attachments, particularly Microsoft Office documents.
• Warn them when using social media to be extra vigilant when receiving documents and clicking links because of this new vulnerability.
• Work with your Antivirus vendor to make sure you're running the most current version of their software, and reach out to them with any questions or concerns.

Globalnet offers a Zero Trust service to our clients, users of this service are already protected against this threat.

you can follow the progress of this by viewing this blog from Huntress

https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug