Follina — a Microsoft Office code execution vulnerability (MSDT)

Question

Hi, 
 Will Intercept-X Advanced/Hitman detect the latest zero-day to hit Office? 
 https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug 
 https://twitter.com/GossiTheDog/status/1531001945426640899 
 Word spawning msdt.exe and sdiagnhost.exe 
 There is a workaround to disable the msdt:// URL handler but having Intercept-X protect against this would be a relief! 
 Thanks

Qoosh · Answer

Some of the files/elements used to exploit this vulnerability are already being detected by Sophos. We're adding behavioural detections to better protect against this as well. 
 If you're looking for more information on how to best protect yourself, the following Naked Security blog post is a great resource. - Mysterious &ldquo;Follina&rdquo; zero-day hole in Office &ndash; what to do?