{"id":19218,"date":"2022-06-01T09:10:08","date_gmt":"2022-06-01T17:10:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/06\/01\/news-12951\/"},"modified":"2022-06-01T09:10:08","modified_gmt":"2022-06-01T17:10:08","slug":"news-12951","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/06\/01\/news-12951\/","title":{"rendered":"FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day"},"content":{"rendered":"

Credit to Author: Threat Intelligence Team| Date: Wed, 01 Jun 2022 16:36:44 +0000<\/strong><\/p>\n

On Monday May 30, 2022, Microsoft issued CVE-2022-30190<\/a> for a zero-day remote code vulnerability, ‘Follina’, already being exploited in the wild via malicious Word documents.<\/p>\n

Q: What exactly is Follina?<\/strong><\/em><\/p>\n

A: Follina is the nickname given to a new vulnerability discovered as a zero-day and identified as CVE-2022-30190. In technical terms it is a Remote Code Execution Vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT).<\/p>\n

Q: But what does it mean, and is this a serious vulnerability?<\/strong><\/em><\/p>\n

A: An attacker can send you a malicious Office document that will compromise your machine with malware when you open it. It is serious since it is already actively being exploited in the wild and doesn’t require users to enable macros.<\/p>\n

Q: Does Malwarebytes protect against Follina?<\/strong><\/em><\/p>\n

A: Yes, it does. Please see additional steps below based on your product to ensure you are protected.<\/p>\n

\"\"<\/a><\/figure>\n

How to add protection with Malwarebytes<\/h2>\n

Malwarebytes Premium (Consumer)<\/h3>\n

Follow the instructions below to add sdiagnhost.exe<\/code> as a new protected application.<\/p>\n

\"\"<\/a><\/figure>\n

Malwarebytes Nebula (Enterprise)<\/h3>\n

Follow the instructions below to add sdiagnhost.exe<\/code> as a new protected application.<\/p>\n

\"\"<\/a><\/figure>\n

The post FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Threat Intelligence Team| Date: Wed, 01 Jun 2022 16:36:44 +0000<\/strong><\/p>\n

FAQ for the new Follina zero-day vulnerability. What you can do to protect your computers right now.<\/p>\n

The post FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[26347,22783,26337,11524],"class_list":["post-19218","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cve-2022-30190","tag-exploits-and-vulnerabilities","tag-follina","tag-zero-day"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19218"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19218\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19218"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}