Microsoft 365 Security Alerts

Security Alert: Microsoft Office Vulnerability

WorkSmart is aware of the recently discovered security vulnerability affecting all versions of Microsoft Windows. We are working with clients to ensure they are protected against this threat.

Continue reading for more information on what happened and how your organization can address this security concern.

Security Alert: Microsoft Office Vulnerability

What is the security threat?

On May 27th, researchers found a security flaw in Windows. Also known as “Follina.”

The threat is a malicious document that uses the Microsoft Windows Support Diagnostic Tool (MSDT) to gain access to systems. It allows hackers to install programs, interact with data, or create new accounts.

Is there a Microsoft security update to address the threat?

Currently, there is no security update for this zero-day vulnerability. For now, Microsoft advises disabling the MSDT service on all computers.

What steps should my organization take?
  1. Reboot your systems as soon as possible to ensure that your anti-virus software is up to date. The good news: security vendors are working hard on this as well! Our partner, Sophos, reports to detect and block this threat.
  2. Do not open or download any attached Microsoft Office documents within an email unless you have verified that the attachments are safe(via something other than that email). Be extra vigilant when handling any attachments (particularly Word documents).
  3. Disable MSDT on computers with Windows operating systems.
    1. For WorkSmart’s ManagedShield Clients: MSDT will be disabled on your computers. This work is done remotely and with no impact on your team. Please note that MSDT is not needed for Windows or Office applications to run.

Additional Resources:

Microsoft’s Security Response Statement

CRN: Microsoft Confirms ‘Follina’ Office Zero-Day Vulnerability

Sophos: Malicious Word doc taps previously unknown Microsoft Office vulnerability