Over the weekend, one of our trusted security vendors notified us of a new Microsoft Office vulnerability dubbed “Follina.” You can read their continually updated blog post here, along with Microsoft’s blog post here and their CVE post.
This vulnerability is triggered by opening malicious Office documents (not just Macro-enabled documents, which are already trouble). When Microsoft rolls out a patch for this, we’ll follow our managed patching procedures to make sure it isn’t going to break anything before rolling it out everywhere. We are already running the Huntress threat detection agents on all our managed machines, which will help prevent this from becoming a mess.
What can you do in the meantime? Be extra observant when opening any attachments, particularly Microsoft Office documents. Follow our advice on phishing emails, and if you’re not expecting it, toss it.