Cybersecurity Threat Update: What you need to know about the Follina vulnerability

Nao_Sec, an independent cybersecurity research group, recently informed the public of a new Microsoft cybersecurity threat called Follina.

What do you need to know regarding Follina?

  • This is cybersecurity threat can be triggered through something as simple as opening a malicious Word doc. Even in preview mode in Microsoft Outlook.
  • There is currently no patch available for this zero-day attack
  • Do NOT open any attachments if you do not know the sender or you are not expecting the attachment. (If you are unsure, call the sender to verify the email and attachment are legitimate.)
  • Named “Follina” after reference “0438” in malicious sample, the area code of municipality in Treviso, Italy, called Follina

As always, Merit is keeping client patches up to date. However, since a patch is not currently available for this attack, and until there is one, be extra vigilant when opening any attachments, particularly if you do not know the sender. If you do get a suspicious email, please let us know. This post intends to educate and inform users about what’s going on in the world. The protection of your business is our number one priority. We will continue to monitor the situation and provide updates as they arise. Please contact us with any questions or concerns.

Share this post
You may also like
Recent posts

Ask us. We are here to help!