Hacks – May 2022 – Follina Zero Day Vulnerability

Share This Post

Tips and Tricks to mitigate and prevent “Follina”:

  • Turn off the preview pane in file explorer and Microsoft Outlook.
    • File explorer – go to the View menu tab, if preview pane is highlighted, click it to disable
    • Microsoft Outlook –
      • File Options Trust Center > Trust Center Settings,and then select Attachment Handling.
      • Click Turn off Attachment Preview
    • Always verify the sender of an email.
    • Hover over hyperlinks before clicking them to reveal their true location.
    • Never open an attachment you are unsure of.

References:

https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug?hstc=1139630.416896d61b0745d0044e9a03af7f82ad.1653955273132.1653955273132.1653955273132.1&_

hssc=1139630.1.1653955273132&__hsfp=3244405923&hsutk=416896d61b0745d0044e9a03af7f82ad&contentType=listing-page

https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e

https://support.microsoft.com/en-us/office/preview-attachments-in-outlook-6f61e4ad-a93d-408c-bb3a-bc95107f66be

https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/

https://www.reddit.com/r/msp/comments/v0tuvs/ms_office_vuln_polite_warning_about_nearterm/

More To Explore
cyber-security

Excite Cyber ECDC Threat Intelligence Report – Q4 2025

The fourth quarter of 2025 demonstrated an escalating convergence of nation-state espionage, ransomware innovation, and supply-chain exploitation across the Asia–Pacific region. As geopolitical tensions intensify and digital dependencies deepen, threat actors have pivoted from opportunistic attacks to systematic campaigns targeting trust architectures—identities, cloud infrastructure, and third-party integrations that underpin modern enterprise operations.

23 January 2026