A new Windows vulnerability, dubbed CVE-2022 30190 (or "Follina"), allows attackers to create a Word document that will execute malicious code through the MSDT protocol when a user opens the file in Preview mode.
Malicious Microsoft Office documents are a common attack vector for cybercriminals. Such attacks mainly rely on malicious macros, which — once activated — may execute PowerShell scripts or download further payloads. This method is gaining in popularity, and we've recently seen a nation-state APT group to be using this vulnerability against targets in Tibet.
The Advanced Email Security pack for Acronis Cyber Protect Cloud stops malicious emails before they can reach your users' inboxes, eliminating the risk of accidentally opening a major cyberthreat.
