Hi,
Will Intercept-X Advanced/Hitman detect the latest zero-day to hit Office?
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
https://twitter.com/GossiTheDog/status/1531001945426640899
Word spawning msdt.exe and sdiagnhost.exe
There is a workaround to disable the msdt:// URL handler but having Intercept-X protect against this would be a relief!
Thanks
Some of the files/elements used to exploit this vulnerability are already being detected by Sophos. We're adding behavioural detections to better protect against this as well.
If you're looking for more information on how to best protect yourself, the following Naked Security blog post is a great resource.
- Mysterious “Follina” zero-day hole in Office – what to do?
Some of the files/elements used to exploit this vulnerability are already being detected by Sophos. We're adding behavioural detections to better protect against this as well.
If you're looking for more information on how to best protect yourself, the following Naked Security blog post is a great resource.
- Mysterious “Follina” zero-day hole in Office – what to do?
