How to manage the 'Follina' zero-day hole in Office
The internet is abuzz with news of a zero-day remote code execution bug in Microsoft Office.
Known as 'Follina', below is all the information you need to know about the emerging threat posed to you.
What you need to know
The vulnerability is triggered by opening malicious Office documents
Threat actors may deceive victims into opening these documents using email attachments, social media links, file downloads or other creative delivery methods
You will likely need to update your endpoints once a security patch is available. Since this is currently a 0-day, there has not yet been a patch released
Whilst this vulnerability makes it easier for hackers to gain access to your network, malicious documents are a familiar attack strategy and vigilant users can turn the tide against these unpredictable threats
What can you do immediately?
Caution your users to be extra observant when opening up any attachments, particularly Microsoft Office documents
Update your hold music with a quick message to passively educate any callers
Add a quick, non-technical blurb to your social media accounts asking for extra vigilance when receiving documents and clicking links because of this new vulnerability
Work with your Antivirus vendor to make sure you are running the most current version of their software, and reach out to them with any questions or concerns
If you are worried about this threat, or any other threats, please get in touch with one of our experts who will be happy to help.