Skip to content

Caution: Crypto holders with Windows face a new critical MS vulnerability

Caution: Crypto holders with Windows face a new critical MS vulnerability

Cybersecurity researchers have revealed a zero-day vulnerability dubbed Follina in Microsoft Office that can affect a computer using malicious Word documents.

In a Twitter thread, anti-phishing extension provider Wallet Guard stated that the vulnerability could enable malicious actors to take charge of the victim’s computer without opening the file. 

Additionally, the exploit is not complicated and cannot be detected by anti-virus. 

“This exploit is a mountain of exploits stacked on top of each other. However, it is unfortunately easy to re-create and cannot be detected by anti-virus,” Wallet Guard said. 

How Follina impacts computer 

The attack manifests itself by using the Microsoft Office documents to open a Microsoft Diagnostics Tool (MSDT) file handler. Attackers might leverage phishing or social engineering to get users to open an attached file and gain access to the victim’s entire system from this point. 

In response to the vulnerability, Microsoft had earlier published guidance alongside a security update under CVE-2022-30190. In a blog post, Microsoft acknowledged attackers could use the vulnerability to successfully install programs, view, change or delete data or create new accounts. 

Users leveraging the Microsoft Cloud-Delivered Protection Service have a high chance of remaining safe; however, the researchers recommended disabling the MSDT URL Protocol as a workaround to prevent troubleshooters from launching as links. 

To stay safe, Wallet Guard also suggested that Microsoft Defender’s Attack Surface Reduction (ASR) users can activate the “Block all Office Applications from creating child processes” option into “Block mode.” 

The researchers warned against blindly downloading .doc, .docx, and .rtf files but instead utilize PDF documents and other options like Google documents. 

Additionally, the threat was acknowledged by the United States government through the Cybersecurity and Infrastructure Security Agency (CISA). 

The vulnerability’s detection comes after a recent report revealed that in 2021, total Microsoft malware dropped by 5% to 1,212 from 2020’s figure of 1,268. 

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account?

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.