What is Follina?
Follina is the name given to a vulnerability present in Microsoft Windows and Microsoft Office. A Windows computer with Microsoft Office installed is vulnerable. This vulnerability allows an attacker to send you a specially crafted Microsoft Office document, such as a Word or Excel file, and if you so much as view it, it will run the attacker's program on your computer. Such a program could be designed to spy on you, take control of your computer, or hold your files for ransom.
What Can You Do?
Scrutinize every email carefully. Do not open attachments that you were not expecting. If you believe that the attachment might be legitimate, contact the sender by an alternate, previously known means. Do not reply to the email to ask, because even if the mailbox belongs to someone you know, it might be compromised by an attacker. Try calling or texting them at a number you already know, not one found in the email.
What can your IT do?
If you have a maintenance agreement with BL Technical Services, mitigation has already been put in place. Everyone else should contact their IT support and ask them to put in place the workaround found in this Microsoft Blog. This will prevent the payload of a malicious Microsoft Office file from running if you happen to be targeted by one of these attackers and open the file.