A new vulnerability has emerged in Microsoft Office

TechnoPixel — 2 years ago

1 min reading time

A new zero-day vulnerability has been identified in many Microsoft Office versions. Security researchers say the new vulnerability could be used to execute code remotely.

READING NOW A new vulnerability has emerged in Microsoft Office

Independent cybersecurity research group Nao_Sec announced that a new zero-day vulnerability has been identified in Microsoft Office. The team, who discovered the new vulnerability, called Follina, in a Word file named 05-2022-0438.doc, which was first uploaded to VirusTotal from a Belarus-based IP address on May 27, states that the vulnerability can be used for malicious purposes.

May lead to data theft

Noting on Twitter about the new vulnerability, Nao_Sec said that attackers used the “Word remote template feature to retrieve HTML file from a remote web server, and then ‘ms’ to execute PowerShell code. He explained that he was using the ‘-msdt’ (Microsoft Support Diagnostic Tool) scheme. However, the Microsoft Support Diagnostic Tool, which is included in the descriptions, is known as a program that allows the collection of diagnostic data for problem detection and fixes.

Baydöner customers’ data leaked

Added 4 days ago

New vulnerability in MS Office and MS Confirming that it can be used remotely to execute arbitrary code on various versions of Windows, many security researchers reported that the latest Office and Insider versions are safe, but multiple Office versions are vulnerable, such as Office Pro Plus, Office 2013, Office 2016, and Office 2021.

Home
Internet
Cyber Security News
A new vulnerability has emerged in Microsoft Office

Comments

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

A new vulnerability has emerged in Microsoft Office

We have explained the steps that those who will start e-commerce should take at the beginning of their journey: All under one roof with AKINSOFT e-commerce!

Background removal feature with artificial intelligence comes to Instagram

Twitch is loosening its sexual content policy

Twitch Announces That It Will Allow Explicit Broadcasts: Of course, to a certain extent

Leave a Comment