Hackers can now take over your computer through Microsoft Word

A new vulnerability in Microsoft Office could potentially allow hackers to gain control of your computer. The vulnerability can be exploited even if you do not open an already infected file.

Although we are still waiting for an official fix, Microsoft has released a solution For this exploit, so if you use frequently Microsoft Officebe sure to check it out.

An interesting maldoc was introduced from Belarus. It uses Word’s external link to load the HTML and then uses ” ms-msdt ” Scheme for implementing PowerShell code.https://t.co/hTdAfHOUx3 pic.twitter.com/rVSb02ZTwt

And the[مدش]. nao_sec (nao_sec) May 27 2022

One researcher named the vulnerability Follina – Kevin Beaumont, who also wrote after prolonged around it. It debuted on May 27 through a tweet from nao_sec, although Microsoft first heard about it in April. Although a patch hasn’t been released yet, Microsoft’s solution includes disabling the Microsoft Support Diagnostic Tool (MSDT), which is the way the vulnerability gets into the attacker’s computer.

This exploit primarily affects .rtf files, but other MS Word files can also be affected. A feature in MS Word called templates allows the program to load and execute code from external sources. Follina relies on this to get into the computer and then runs a series of commands that open MSDT. Under normal circumstances, MSDT is a secure tool that Microsoft uses to correct many problems for Windows users. Unfortunately, in this case, it also gives you remote access to your computer, which helps the exploiter to take control of it.

In the case of .rtf files, the exploit can run even if you don’t open the file. As long as you’re watching it in File Explorer, Follina can be done. Once an attacker takes control of your computer via MSDT, it’s up to him as much as he wants to do. They might download malware, leak files, and do pretty much everything else.

Beaumont shared a lot of examples of how Follina was actually exploited and found in various files. Exploitation is used for financial blackmail, among other things. Needless to say – you don’t want this on your computer.

What do you do until Microsoft releases a patch?

MSDT Protocol Guidelines from Microsoft.

There are a few steps you can take to stay safe from the Follina exploit until Microsoft itself releases a patch that will fix this problem. As things stand now, the workaround is the official fix, and we don’t know for a fact that anything else is sure to follow.

First of all, check if your version of Microsoft Office may be affected. So far, the vulnerability has been found in Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365. However, there is no telling whether older versions of Microsoft Office are secure, so it’s best to take additional steps. to protect yourself.

If you are able to avoid using .doc files and . docx and .rtf for now, that’s not a bad idea. Consider switching to cloud-based alternatives like Google docs. Accept and download files only from 100% proven sources – this is a good guide to generally live according to them.

Last but not least, follow Microsoft Guidelines On disabling MSDT. It will require you to open a command prompt and run it as administrator, then make a few entries. If all goes as planned, you should be safe from Follina. However, remember to always be careful.

Editors’ Recommendations