'Follina' Zero-Day Vulnerability

A zero-day vulnerability is a broad term for any recently discovered security vulnerability that hackers can use to attack a system. It is called zero-day because the vulnerability has only just been discovered and the developers have 'zero days' to patch it.

What is Follina?

Follina is a recently discovered vulnerability in Microsoft Office, especially in Microsoft Word. It allows hackers to attack your system through a '.doc' file. When you open the file, it is blank and does not contain anything. But as soon as you open it, a diagnosis window or a program compatibility troubleshooter appears. And while it is busy doing that, you are already hacked.


(In the above picture, the picture on the left is the victim's point of view and the one on the right is the hacker's point of view.)

When you open the '.doc' file, you might also see another application open besides the program compatibility troubleshooter. That application is opened by the script included in the '.doc' file. The script can also be used to open a reverse shell into your computer, which means anyone who sent you the file can have complete access to your computer.
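
A defender can look for the behaviour described above in process-creation logs. The following is an added example, not part of the original post: it flags an Office application starting the troubleshooter and the troubleshooter's script host starting a shell. The process names (`msdt.exe`, `sdiagnhost.exe`, the shell list), the log field names and the sample events are assumptions constructed for illustration.

```python
import json
import ntpath

# Assumed process names (not from the post); tune the lists to your environment.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
TROUBLESHOOTER = "msdt.exe"    # Microsoft Support Diagnostic Tool
DIAG_HOST = "sdiagnhost.exe"   # host process that runs troubleshooter scripts
SHELLS = {"cmd.exe", "powershell.exe", "mshta.exe", "wscript.exe", "cscript.exe"}

# Constructed process-creation events, one JSON object per line.
# The field names "time", "parent" and "image" are hypothetical.
SAMPLE_LOG = r'''
{"time": "10:01:02", "parent": "C:\\Windows\\explorer.exe", "image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE"}
{"time": "10:01:05", "parent": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "image": "C:\\Windows\\System32\\msdt.exe"}
{"time": "10:01:06", "parent": "C:\\Windows\\System32\\svchost.exe", "image": "C:\\Windows\\System32\\sdiagnhost.exe"}
{"time": "10:01:08", "parent": "C:\\Windows\\System32\\sdiagnhost.exe", "image": "C:\\Windows\\System32\\cmd.exe"}
{"time": "11:30:00", "parent": "C:\\Windows\\explorer.exe", "image": "C:\\Windows\\System32\\msdt.exe"}
this line is not JSON and is skipped
'''


def base_name(path):
    """Lower-cased file name of a Windows path, whatever OS this runs on."""
    return ntpath.basename(path.strip('"')).lower()


def detect(log_text):
    """Return (time, rule, parent, child) for each suspicious process start."""
    findings = []
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
            parent, child = base_name(event["parent"]), base_name(event["image"])
        except (ValueError, KeyError, TypeError, AttributeError):
            continue  # blank, malformed or incomplete record
        if parent in OFFICE_PARENTS and child == TROUBLESHOOTER:
            # A document viewer has no normal reason to start the troubleshooter.
            findings.append((event["time"], "office-started-troubleshooter", parent, child))
        elif parent == DIAG_HOST and child in SHELLS:
            # The "other application" opened by the script shows up here.
            findings.append((event["time"], "troubleshooter-started-shell", parent, child))
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(*finding)
```

The troubleshooter started from Explorer at 11:30:00 is not flagged, because a user launching it by hand is normal; only the Office parent makes it suspicious.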

How to stay safe?

Files like this are mainly spread through the Internet. Some measures to stay safe from things like this are:

1. Don't download any random file from the Internet.

2. Don't open any suspicious link that you get in your e-mail.

3. Don't download any suspicious file from your e-mail if you are not sure what it is.

4. If you encounter something unusual, seek help from an expert, or search Google for help.

This post does not contain all the information about this newly discovered vulnerability. I would recommend that you go to a better site rather than relying on this post.
