Share via

Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems.

Ajaz Khan 276 Reputation points
2022-06-06T18:29:54.85+00:00

Hello There,
Is there any official statement or resolution available on the below information circulating recently. What should be the steps to avoid this?
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems.
The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document ("05-2022-0438.doc") that was uploaded to VirusTotal from an IP address in Belarus.

"It uses Word's external link to load the HTML and then uses the 'ms-msdt' scheme to execute PowerShell code," the researchers noted in a series of tweets last week.

Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft 365 and Office | Word | For business | Windows
Microsoft 365 and Office | Development | Microsoft 365 Publishing

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.