Serious Vulnerability with Microsoft Office

What has happened?

A serious security vulnerability with Microsoft Office, dubbed “Follina”, has been reported.

By exploiting a specific software component (Microsoft Support Diagnostic Tool) in Microsoft Office, attackers are able to obtain unauthorised remote access to the system. Multiple sources have warned that this vulnerability is being actively exploited by cyber attackers. The attack is mostly delivered through a malicious Microsoft Word document sent as a phishing email attachment.

 

Which versions of Microsoft Office are affected?

This vulnerability affects all versions of Microsoft Office 2013 and later running on Microsoft Windows, including Office 2016, Office 2019, Office 2021, Office 365 and Office ProPlus.

Microsoft has yet to release a security patch for this, but NUS IT has identified a workaround to mitigate this vulnerability for our managed computer systems.

 

What do I need to do?

A. For Windows PCs joined to the NUSSTF domain (i.e. you use your NUS-ID credentials to log in) or with Workspace One installed, the workaround will be automatically installed when you are connected to the NUS network. You will not see any prompt.

Ensure that you are connected to the NUS network either via:

  • Wired LAN or NUS WiFi on campus; or
  • nVPN when working remotely.

B. For all other Windows PCs, please wait for the official patch from Microsoft. Meanwhile, exercise extra vigilance when opening Microsoft Office documents, especially from suspicious emails or websites.

We also recommend that you perform the following steps before the update:

  1. Back up your data, preferably using nBox.
  2. For PCs and notebooks, ensure you have anti-virus (AV) software running and updated with the latest virus signatures. You may install and use the official AV from here.

For more information

Here is the official advisory from SingCERT: https://www.csa.gov.sg/singcert/Alerts/al-2022-024

Please contact NUS IT Care at 6516 2080 or ITCare@nus.edu.sg should you have any queries.

 

Let’s all work together to keep NUS secure, bIT by bIT.