The vulnerability present in Microsoft Office has been called Follina. It is undetectable by antivirus a piece of software designed to protect against malicious software and cyber attacks in general. and would allow attackers to take control of affected computers, and even install and run malware malware or malicious software refers to harmful programs utilized by bad actors to illegally access and/or compromise a computer, network or server. without user consent.
***
- The vulnerability has been named Follina.
- Attackers can take control of the computer and install additional programs.
- Microsoft recommends updating and using the cloud cloud servers are typically located throughout different data centers all over the world. protection system.
- They also recommend to be careful with executable file downloads on Word.
Recently published reports indicate that a vulnerability in the program Word deMicrosoft Office could allow attackers to hijack victims’ computers and take control of them.
This was indicated by the cybersecurity team Wallet a place where cryptocurrency users can store, send and receive digital assets. Guard, which posted a thread on Twitter in which they detail how this vulnerability works, which has been called “Follina, being an exploit that at the time of editing can not be detected by the most powerful antivirus on the market.
???? CRITICAL ALERT
A severe 0-day vulnerability called #Follina has been exposed (since May 27th) in MS Word Documents.
It could allow hackers to take full control of your computer, in some cases WITHOUT even opening the file. ????
— Wallet Guard (@wallet_guard) June 1, 2022
In this regard, the Wallet Guard team commented:
“This exploit is a mountain of exploits applied on top of each other. Unfortunately, however, it is easy to recreate and cannot be detected by an antivirus.”
How does it work? Follina?
In relation to Follina, experts detail that the attack on the equipment takes place through the use of documents fromMicrosoft Office, to open a file driver that belongs to the Microsoft Diagnostic Tool (MSDT).
From here, the attackers carry out a phishing when a scammer pretends to be a trusted institution or person to trick people into revealing sensitive information such as Social Security numbers, passwords, banking details, etc., often through a malware link disguised as legitimate. / social engineering campaign to convince users to open an attachment that would be sent to them, and thus gain full access to the system.
Faced with this, the team ofMicrosoft previously published a guide, in which they inform about the vulnerability that allows attackers to control the computer and install programs, with which they have full power to take over everything that would be hosted on the affected computer.
The Microsoft team also rolled out an update and invites users to make use of the cloud protection service, but recommends disabling the protocol. URL de MSDT to prevent troubleshooters from running as links.
Additional measures
In addition to the above, the Wallet Guard team suggests that people implement certain changes within Microsoft Defender to close refers to the closing price; similar to the same term used in stock trading. the security the term securities refers to a fungible and tradable financial instrument that carries a type of monetary value. breach.
Specifically, users are invited to “block all Office applications from creating secondary processes.” . The latter must be done in the “Lock mode”.
They also invite you to be very careful when downloading .doc / .docx and .rft files.
- Hackers spread a price difference between asking and selling prices of the asset. malware on Telegram that targets crypto-wallet users
- U.S. government accuses Venezuelan doctor of creating and selling ransomware ransomware is a type of malware used by hackers to steal or encrypt their victims’ files to extort them for a ransom in exchange for file decryption or restoration. used by hackers
- First U.S. sanctions cryptocurrency cryptocurrencies are digital currencies that use cryptographic technologies to secure their operation. exchange businesses that allow customers to trade cryptocurrencies for fiat money or other cryptocurrencies. for alleged links to ransomware attacks
Source: Twitter, Finbold
Version by Angel Di Matteo / DiarioBitcoin
Imagen de Unsplash
