Cyber Security Alerts

Microsoft Office Cybersecurity Alert: Zero-Day “Follina” Bug

May 31, 2022

Contigo Technology has been alerted to an emerging threat posed to you and all users of Microsoft Office by the Microsoft Office vulnerability dubbed the Zero-Day “Follina” Bug.

What you need to know:

  • This vulnerability is triggered by opening malicious Office documents.
  • Threat actors may deceive victims into opening these documents using email attachments, social media links, file downloads, or other creative delivery methods.
  • We will likely need to update your endpoints once a security patch is available.
    • Since this is currently a 0-day, a patch has not yet been released.
  • Don’t panic over this. Yes, this vulnerability makes it easier for hackers to access your network. However, malicious documents are a familiar attack strategy, and vigilant users can turn the tide against these unpredictable threats.

What you can do immediately:

  • Caution your users to be observant when opening any attachments, particularly Microsoft Office documents.
  • Be vigilant when receiving documents and clicking links because of this new vulnerability.

Contigo will work with any affected clients to help address the vulnerability on an individual basis.


Thank you,

Contigo Technology