Zero-day is a computer software vulnerability which hasn’t been discovered by software developers yet but a hacker found it. In late May 2022, a security researcher Kevin Beaumont found an exploit “Follina” vulnerability which can attack your computer through Microsoft Word. It became known due to a post on the twitter of nao_sec on May 27, 2022.
This vulnerability allows hackers to access to your computer promptly, although you have not opened the file yet. This causes a lot of trouble for software developers and general software users.
Follina vulnerability affects mainly .rtf files but it may also affect other MS Word files. It has been found in Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365. In case of .rtf files, Follina can run immediately even if you don’t open the file. It can be executed when you have just viewed it in File Explorer.
After a hacker can access and control your computer via Microsoft Support Diagnostic Tool (MSDT), they might download malicious software, leak your data, or do everything else they want.
Before launching a patch to solve this problem, Microsoft suggested the following workaround. If your Microsoft Office is the above-mentioned version, you are suggested to temporarily disable “Microsoft Support Diagnostic Tool (MSDT)” by the steps below.
- Run Command Prompt as Administrator.
- Execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename” to back up the registry key.
- Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt/f”.
However, in June 2022, Microsoft has released security updates for Windows to fix this Follina. Microsoft also strongly recommended that users install the updates to be fully protected from the vulnerability.
Source: