A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. China-linked APT group TA413 has been observed exploiting the recently disclosed Follina zero-day flaw (tracked as CVE-2022-30190 and rated CVSS score 7.8) in Microsoft Office in attacks in the wild. This week, the cybersecurity researcher nao_sec discovered a malicious Word […]
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows […]
A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell […]
Experts found four security flaws in the Microsoft Office suite that cloud allow attackers to weaponize Word and Excel docs. Experts from Check Point discovered four security vulnerabilities in the Microsoft Office suite that an attacker could exploit to craft weaponized Word and Excel documents. Below the list of flaws discovered by the experts: CVE-2021-31179 – […]