Tuesday, May 31st, CISA and Microsoft released alerts warning of the “Follina” vulnerability affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote attacker can use this vulnerability to take over a system by exploiting a downloaded Microsoft Office document.
A patch for this vulnerability has not yet been released. In the meantime, we suggest warning users to not download any document received via email including attachments from familiar email addresses. It is advised to make a phone call to the sender to confirm the attachment was sent by them.
Microsoft has listed additional workarounds that can be found HERE.