The Web3 security firm has released a critical warning for all MS Word users who hold some digital assets on their PCs. The 0-day vulnerability "Follina" was exposed to some MS Word documents and allows taking full control of the computer without even opening a file.
The exploit is a "mountain of exploits," which means that it contains numerous malicious operations that once appeared on a PC. Unfortunately, no antivirus software has yet added the exploit to their database. The "0-day vulnerability" means that the exploit, virus or attack mechanism is not yet detectable, and there is no way to protect affected users from it.
? CRITICAL ALERT— Wallet Guard (@wallet_guard) June 1, 2022
A severe 0-day vulnerability called #Follina has been exposed (since May 27th) in MS Word Documents.
It could allow hackers to take full control of your computer, in some cases WITHOUT even opening the file. ?
The hack works with the help of a template feature in Microsoft's application, which allows users to load and execute HTML and JS from external sources inside of the app. Generally, allowing execution of JS and HTML from untrusted sources is already extremely dangerous.
Once executed, the exploit runs a command that launches Microsoft Support Diagnostic Tool which, is used by support agents for debugging issues in the operational system with the help of remote access. At this step, it becomes self-explanatory.
The hacker's main objective may be private keys that are usually stored on personal computers of users. Once access is granted, there is no way to save the operational system. The only way to prevent the loss of files and sensitive information would be a total wipeout of the system.
Unfortunately, there might be no way to save existing files on a drive that your Windows OS is based on. The only way to prevent the exploit from happening on your personal computer is to avoid downloading .rtf files from untrusted sources.