Security gap due to Microsoft Office
Greenbone Cybersecurity, Cyber Threat, Sicherheitslücke
Once again, a flaw has appeared in Microsoft Office that allows attackers to remotely execute malicious code on the systems of attacked remotely execute malicious code on the systems of the attacked users. The flaw, known as known as "Follina", has been known about for years, but has not yet been known for years, but has not yet been fixed by Microsoft. Greenbone has added a Greenbone has added a corresponding vulnerability test to its feeds, which Follina vulnerability in Microsoft Office.
Follina requires immediate action
The CVE named "Follina" is critical and requires immediate action. immediate action: Just opening Microsoft Word documents can give attackers access to your give attackers access to your resources. Because a flaw in Microsoft Office allows attackers to copy templates from the Internet via ms-msdt:-URI handler the first time you click on them, attackers can create manipulated documents that, in the worst case, can take over entire client systems or systems or spy out credentials.
According to Microsoft, protection is offered by the "protected view". Because users can deactivate it with just one click, the US manufacturer advises the US manufacturer advises deactivating the entire URL handler via a registry entry. registry entry. As things stand at present, all versions of Office versions.
Greenbone's feeds help and protect
The Greenbone Enterprise Feed and the Greenbone Community Feed now contain an authenticated check for the workaround suggested by Microsoft. suggested workaround, which helps you to protect yourself from the effects of the security vulnerability. Our development team is monitoring the Microsoft patch releases and recommendations for further action. We will keep you informed of updates here on the blog.
Securing IT networks for the long term
If you want to know which systems in your network are (still) vulnerable to vulnerabilities - including the critical vulnerability associated with CVE-2022-30190 vulnerability - our vulnerability management will help you. Vulnerability Management. It is applied in systems that must be need to be patched or otherwise protected. Depending on the type of systems and vulnerability, these can be found better or worse. The detection is constantly improving and being updated. New gaps are found. Therefore, there may still be other systems with vulnerabilities in the network. It is therefore worthwhile to regularly updating and scanning of all systems. The Greenbone vulnerability management offers corresponding automation functions.
Vulnerability management is an indispensable part of IT security. of IT security. It can find risks and provides valuable information on their elimination. However, no single measure offers 100% security, not even vulnerability management. To make a system secure, many systems are many systems are used, which in their entirety should offer the best possible security. provide the best possible security.