Follina: A zero-day vulnerability in Microsoft Office
Follina: A zero-day vulnerability in Microsoft Office
Threat Level
Attack Report
For a detailed advisory, download the pdf file here
Summary
Microsoft has issued a patch after almost 15 days for a zero-day vulnerability identified as CVE-2022-30190 after various proof-of-concept (POCs) indicating that it is actively exploited became public. Security researchers have also named this security flaw as Follina. A Chinese actor group, TA413 is been observed targeting organizations in Tibet with a malicious document with Follina
