Mysterious "Follina" zero-day hole in Office

Discussion in 'other security issues & news' started by waking, May 31, 2022.

Page 8 of 8
  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Let me guess, they will probably announce that Sophos Intercept X and HitmanPro Alert have added protection against this exploit. :D
     
    Rasheed187, Jun 15, 2022
    #176
  2. waking

    waking Registered Member

    Joined:
    Jan 25, 2016
    Posts:
    176
    Follina gets fixed - but it's not listed in the Patch Tuesday patches!

    15 Jun 2022

    https://nakedsecurity.sophos.com/2022/06/15/follina-gets-fixed-but-its-not-listed-in-the-patch-tuesday-patches/
     
    waking, Jun 15, 2022
    #177
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    This is worth reviewing in that Sophos actually verified the patch works to thwart this specific attack.

    My concern, as with others, is Microsoft did not patch the RCE vulnerability. It still exists and can be expected to be used maliciously in some new unknown way in the future.
     
    itman, Jun 15, 2022
    #178
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    itman, Jun 15, 2022
    #179
Page 8 of 8
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...