discoverpc.NET Blog

Microsoft will stop supporting Windows 10 in October 2025 — that's just 6 months away! What does that mean? No more security updates or protection, leaving your computer exposed to threats. If your PC is 5–6+ years old and can’t upgrade to Windows 11, now’s the time to start planning. Upgrade if you can, replace if you can’t! Stay protected and avoid downtime.

Call us today at (715) 398-6767 to review your options!

Contact Us Today!

Staying Ahead of "Follina"

There was a vulnerability recently discovered that affects Microsoft’s Office software suite. This includes Microsoft Word, Excel, PowerPoint, Outlook, Access, Teams, etc.  The vulnerability is being exploited through the Microsoft Windows Support Diagnostic Tool (ms-msdt) which is bundled with Microsoft Office and the programs mentioned above.

The vulnerability, dubbed “Follina” (CVE-2022-30190), makes use of how the ms-msdt handles URLs. In its simplest form, ms-msdt can allow attackers to execute code on a machine. The vulnerability impacts all Windows versions currently supported by Microsoft.

This exploit is actively being used by cyber criminals. This exploit is most commonly being reported on through the abuse of Microsoft .doc and .rtf files. This exploit doesn’t need any user interaction to process the exploit, it only has to be on the user’s PC.

Microsoft has not released an official patch as of this time, but there are steps to remedy this exploit until that time. We can manually apply a fix to reduce your risk. Otherwise, Microsoft is expected to make a patch available in the future.

Please reach out to us for more information on how to take action regarding this vulnerability.


Read more on this topic here: 

https://www.sentinelone.com/blog/staying-ahead-of-cve-2022-30190-follina/ 

https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/05/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug/