A new Microsoft Office zero-day security vulnerability allows adversaries to execute PowerShell commands via Microsoft Diagnostic Tool (MSDT) by opening a Word document. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system.
Security researcher Kevin Beaumont named the vulnerability “Follina” (the zero day code references the Italy-based area code of Follina – 0438) after discovering a malicious Word document that was uploaded to Google-owned VirusTotal on May 25 from an IP address in Belarus.