{"id":9590,"date":"2022-06-01T12:34:56","date_gmt":"2022-06-01T00:34:56","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=9590"},"modified":"2022-06-01T12:34:56","modified_gmt":"2022-06-01T00:34:56","slug":"ms-office-zero-day-attack-may-31st","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=9590","title":{"rendered":"MS OFFICE ZERO DAY ATTACK &#8211; MAY 31st"},"content":{"rendered":"\n[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_row _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_text _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;]<p>One of the scariest news items to wake up to is that there is a \u2018zero-day\u2019 vulnerability in a common piece of software.<\/p>\n<p>That means that the hacking community has found an opportunity to hack a bit of software and there is no update yet \u2013 \u2018zero\u2019 days to apply a fix. Even worse when the common piece of software is Microsoft Office!<\/p>\n<h2>That has been the case \u2013 code name \u2018Follina\u2019 &#8211; a Zero-day attack<\/h2>\n<p>Microsoft made us aware of it on the 31st NZ time (30th in the US \u2013 with this <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-30190\">notice )<\/a><\/p>\n<p>Basically, it means a hacker can trick Office to run code on your PC with all the permissions you have, potentially changing data or even creating or changing accounts. When a hack gets this amount of coverage, other hackers read it, and start putting effort into exploiting it as well, so it is urgent that we are across these risks and applying fixes as they come to hand.<\/p>\n<h3>Kinetics KARE clients can relax \u2013 We have your back<\/h3>\n<p>As you would expect we immediately swung into action.\u00a0 By the time I have finished writing this, we will have rolled out a workaround to all devices protected by KARE to prevent execution of this.\u00a0\u00a0<\/p>\n<p>At the same time, we\u2019re getting updates from antivirus vendors who are attempting to roll out the signatures to block this.\u00a0 It is also a great reason why <a href=\"http:\/\/kinetics.co.nz\/cybersecurity\/\">KARE for Security<\/a> is an effective solution &#8211; the more advanced xDR software that is included in KARE for Security incorporates a behavioural analysis capability that goes above and beyond standard AV signature detection and would have thwarted these particular risks anyway.<\/p>\n<p>No matter what, don\u2019t make it easy for them.<strong> Always make sure you know what files you are opening (don&#8217;t open random files from the internet!)<\/strong><\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]\n","protected":false},"excerpt":{"rendered":"<p>One of the scariest news items to wake up to is that there is a \u2018zero-day\u2019 vulnerability in a common piece of software. That means that the hacking community has found an opportunity to hack a bit of software and there is no update yet \u2013 \u2018zero\u2019 days to apply a fix. Even worse when [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":9591,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-9590","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/9590","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9590"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/9590\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9590"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9590"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9590"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}