Microsoft, a Multinational Technology Co – operation, has faced a ‘Zero–Day’ vulnerability attack which has affected 32 versions of Microsoft software. The attack has been found in the most used software of Microsoft, known as MS Word Document, and more than 32 versions of Windows applications has affected.
Microsoft acknowledged the issue on Tuesday, while the Indian Computer Emergency Response Team (CERT-In) has also assigned a ‘high’ severity rating. Worryingly, preliminary indications indicate that the attack has already been used to target Indian users.
The attack was earlier dubbed “Follina,” but later, they renamed it a CVE-2022-30190. ‘CVE’ stands for Common Vulnerabilities and Exposures. Every officially acknowledged attack is given a CVE number for easy identification in the future.
Follina falls under ‘Zero-Day vulnerabilities,’ meaning vulnerabilities are discovered only when malicious hackers exploit them. The term ‘Zero Day’ is used because there are zero days between their discovery and exploitation.
How does this Attack Works?
The Microsoft advisory team, issued on its official website, states the attack is exploited by sending an MS Word document to the targets. The moment the victim opens that document or previews it, the attack allows the hidden code or trojan present in the document to embed itself in the system/computer, Which leads the system’s control to the attacker.
Microsoft also said, “The attacker can then install programs, view, change, delete data, or create new accounts in your device.” Due to this, the attacker can access all the files present on your device and use them against you in the crime, especially the IP address.
Where was this first Traced?
According to the researcher, the ‘Follina’ was first tested in October 2021, after which it was exploited in March 2022 in Nepal, India, and the Philippines. It was later also used for cyber-attacks in Russia in April and Belarus in May.
Various parts of these attacks were traced by other’s researchers also, such as,
- nao_sec found the code used in Belarus
- Kevin Beaumont, a cybersecurity researcher, found this code in a malware-loaded MS Word document titled ‘Invitation for a job interview,’ used in the Russia attack.
Beaumont came up with the name for the vulnerability, as its file name contained the numbers’ 0438′, which is the telephone code for Follina, Italy.
How to Mitigate the attack?
There is various way to mitigate this problem, but I suggest following the steps given by Microsoft itself to solve it.
The steps to mitigate the problem (“Click Here“).
- Microsoft is trying to overcome this problem.
- Till then, don’t respond to any suspicious e-mails.
- Don’t install any Microsoft Applications until the vulnerability is solved.