A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers are warning. After initially dismissing the vulnerability as “not a security related issue”, Microsoft has now issued a CVE and has offered a temporary workaround until fixes can be provided. Detected attacks Boobytrapped office files delivered via email are one of the most common tactics attackers use to compromise endpoints, and they are … More
The post Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190) appeared first on Help Net Security.