A remote code execution vulnerability, dubbed 'Follina', has been found in Microsoft Office via Microsoft Support Diagnostic Tool (MSDT). This issue can be exploited in the default configuration on Windows, and only requires the user be tricked into downloading a malicious file. There is no patch. This issue has been assigned a bug alert severity of 'high'.

Continue reading