Security issues choose neither time nor platforms to operate. They are detected randomly and are always caught by surprise for users who are affected by it.
The latest victim appears to be Office Word, which can leave Windows vulnerable to problems with a minor security vulnerability. The situation is serious and users should protect themselves.
This Microsoft Office flaw was discovered by independent security researchers, and is the latest notable issue. If exploited, it can facilitate remote execution of malicious code from a simple opening of a document in Word.
This flaw was initially called “Follina,” and it is being exploited by the well-known Microsoft Diagnostic Tool (MSDT). In this case, it is used by attackers to execute malicious PowerShell commands, without the need to exploit elevated privileges and without being detected by Windows Defender.
An interesting maldoc was introduced from Belarus. It uses Word's external link to load the HTML and then uses the "ms-msdt" schema to execute PowerShell code.https://t.co/hTdAfHOUx3 pic.twitter.com/rVSb02ZTwt
—não_sec (@nao_sec) May 27 2022
What is most intriguing is the lack of reliance on macros or other elements commonly used in attacks on these platforms. It only requires opening a Word document. After this step there are external links to use in remote code execution.
It has also been revealed that PowerShell commands can run even without this document open. It is enough for an attacker to change the file format to Rich Text Format (RTF), which also prevents the attacker from being detected by Word's security elements.
Although Microsoft acknowledged it, this security flaw still didn't exist. a recommended is to disable the MSDT URL protocol and enable Microsoft Defender Antivirus cloud protection to mitigate the risks of this attack.
This is another situation that Microsoft has to resolve as soon as possible, in order to keep users protected. Its attack vector is a very simple thing, so its risk factor is even higher.
“Coffee trailblazer. Social media ninja. Unapologetic web guru. Friendly music fan. Alcohol fanatic.”