Skip to main content

Hackers can now take over your computer through Microsoft Word

A new zero-day vulnerability in Microsoft Office could potentially allow hackers to take control of your computer. The vulnerability can be exploited even if you don’t actually open an infected file.

Although we’re still waiting for an official fix, Microsoft has released a workaround for this exploit, so if you frequently use MS Office, be sure to check it out.

Recommended Videos

Interesting maldoc was submitted from Belarus. It uses Word's external link to load the HTML and then uses the "ms-msdt" scheme to execute PowerShell code.https://t.co/hTdAfHOUx3 pic.twitter.com/rVSb02ZTwt

— nao_sec (@nao_sec) May 27, 2022

Please enable Javascript to view this content

The vulnerability has been dubbed Follina by one of the researchers who first looked into it — Kevin Beaumont, who also wrote a lengthy post about it. It first came to light on May 27 through a tweet by nao_sec, although Microsoft allegedly first heard of it as early as April. Although no patch has been released for it just yet, Microsoft’s workaround involves disabling the Microsoft Support Diagnostic Tool (MSDT), which is how the exploit gets entry into the attacked computer.

This exploit affects primarily .rtf files, but other MS Word files can also be affected. A feature in MS Word called Templates allows the program to load and execute code from external sources. Follina relies on this in order to enter the computer and then runs a series of commands that opens up MSDT. Under regular circumstances, MSDT is a safe tool that Microsoft uses to debug various issues for Windows users. Unfortunately, in this case, it also grants remote access to your computer, which helps the exploit take control of it.

In the case of .rtf files, the exploit can run even if you don’t open the file. As long as you view it in File Explorer, Follina can be executed. Once the attacker gains control of your computer via MSDT, it’s up to them as far as what they want to do. They might download malicious software, leak files, and do pretty much everything else.

Beaumont has shared plenty of examples of the way Follina has already been exploited and found in various files. The exploit is being used for financial extortion, among other things. Needless to say — you don’t want this on your computer.

What do you do until Microsoft releases a patch?

Microsoft's MSDT protocol guidance.
Image used with permission by copyright holder

There are a few steps you can take to stay safe from the Follina exploit until Microsoft itself releases a patch that will fix this problem. As things stand now, the workaround is the official fix, and we don’t know for a fact that anything else is sure to follow.

First and foremost, check whether your version of Microsoft Office could potentially be affected. So far, the vulnerability has been found in Office 2013, 2016, 2019, 2021, Office ProPlus, and Office 365. There is no telling whether older versions of Microsoft Office are safe, though, so it’s better to take additional steps to protect yourself.

If you’re able to avoid using .doc, .docx, and .rtf files for the time being, it’s not a bad idea. Consider switching to cloud-based alternatives like Google Docs. Only accept and download files from 100%-proven sources — which is a good guideline to live by, in general.

Last but not least, follow Microsoft’s guidance on disabling MSDT. It will require you to open the Command Prompt and run it as administrator, then input a couple of entries. If everything goes through as planned, you should be safe from Follina. Nevertheless, remember to always be cautious.

Monica J. White
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
Microsoft warns that the latest Windows 11 update may crash PC games now
Gaming PC on a desk.

Microsoft has once again temporarily halted the rollout of its latest major Windows 11 update, also known as 24H2. This time it is for systems running select Ubisoft games following widespread user reports of crashes and performance issues. The affected titles include Assassin's Creed Valhalla, Assassin's Creed Origins, Assassin's Creed Odyssey, Star Wars Outlaws, and Avatar: Frontiers of Pandora.

Common complaints include black screens, freezing, and unresponsiveness during gameplay or while loading these titles. "I just bought a new gaming laptop with RTX 4080, Intel i9 14900hx. I can't play the game (Origins) even for 5 minutes because it crashes to a black screen, with audio, and the only way to close it is from task manager. Impossible to play," one user shared on Reddit. Others reported similar frustrations, citing the persistent error “NTDLL.dll” that renders their games unplayable.

Read more
Anthropic’s Claude can now control computers like people do
the claude computer control logo

Anthropic's already impressive Claude 3.5 Sonnet gains a significant performance boost on Tuesday as the generative AI startup rolls out an enhanced and updated version of the model alongside the new, lightweight Claude 3.5 Haiku. The Sonnet update includes a public beta feature that gives the AI basic control over the computer it's running on.

Claude 3.5 Sonnet was already a performance leader when it comes to coding tasks, but the new version shows significant across-the-board improvements over its predecessor and steadily outperforms both Gemini 1.5 and GPT-4o on a variety of industry benchmarks. Gemini 1.5 Pro was the only model to best the new 3.5 Sonnet on any test, and did so on the MATH benchmark.

Read more
Your Google TV can now control smart home devices
The Home Panel on Google TV Streamer.

In late September, Google announced a new feature for Google TV called the Home Panel that would make it easier to control all of your (compatible) smart home devices from a single location. The feature first appeared on the Google TV Streamer and then later on Chromecast, but it has now rolled out to Google TVs from other companies including Hisense, TCL, and others.

The Home Panel offers a lot of utility. It shows your lights' current brightness level, the volume level of speakers, and even live streams from security cameras. The demo video Google has on its blog shows that the user can even adjust the thermostat. All of this is done through the remote, so you don't even have to get up off the couch.

Read more