Follina zero-day vulnerability in MS Office
A new zero-day remote code execution bug in Microsoft Office is causing a stir. More specifically, it is likely a code execution vulnerability that can be exploited through Office files. Based on what is known so far, there may be other ways to trigger or abuse this vulnerability. Security researcher Kevin Beaumont has named the vulnerability "Follina," which is proving to be a useful search term on the topic until an official CVE number is assigned. In addition, Microsoft has now published an official workaround. Sophos expert Paul Ducklin gives…