
Follina vulnerability: Malicious code is injected via Microsoft Office (CVE-2022-30190) - IT Threat Layer 3/orange

Critical vulnerability in MS Office products allowing malware injection. Immediate action recommended; patch/update not yet available.

(Status: 01.06.2022, 12:50)

A critical vulnerability in MS Office products (Word, Excel, PowerPoint) allows the injection and execution of malware. In its security alert dated 05/31/2022 (see [1]), the BSI recommends disabling the MSDT URL protocol handler until a patch/update is available from Microsoft.

It is recommended to contact the local IT administrator and discuss further steps.

Until a patch is available, only Office documents from trusted sources should be opened. Particular care should be taken with documents in RTF format: if such a document is malicious, its code can already be executed via the preview in Windows Explorer. It is therefore better not to click on documents in RTF format in e-mails.

[1] https://www.allianz-fuer-cybersicherheit.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-224508-1032.pdf