What do I need to know? The Microsoft Follina vulnerability (CVE-2022-30190) is a critical vulnerability that affects all Windows devices, particularly those with MS Office installed. It exploits the Microsoft Windows Support Diagnostic Tool (MSDT) and in most cases is triggered by opening a compromised Word document, delivered by email. Attackers who successfully exploit this zero-day vulnerability, can potentially install programs, view, change, or delete data, and even create new Windows accounts.
What do I need to do?
Microsoft has released a security patch (Tuesday 14th June) to remove the vulnerability, please make sure your Windows device is up to date; automatic updates are recommended.
If your PCs, Laptops and Tablets are managed by our Remote Management and Monitoring (RMM) service, you do not need to worry, we applied remediation across all of our client devices on Tuesday 7th June, a week ahead of the Microsoft fix and have since also rolled out the Microsoft patch.
This vulnerability highlights the importance of centrally managing your team’s devices. With PCs, laptops and tablets enrolled in RMM we can very quickly react to a security threat, identify the devices affected and remediate to keep users protected.
General Best Practice Advice
To stop future email borne attacks like this one in its tracks, it is worth reviewing this advice:
To deliver more comprehensive guidance to your team on how to stay safe, we would recommend Security Awareness Training, available through online courses and can include simulated attacks to test your defences.
For more information on any of the above, please contact your Connect Systems Account Manager or get in touch with us here and we’ll be happy to help you.
More information on the Follina Zero-Day Threat and remediation can be found here.< Back