How to open Microsoft Word documents with World online

A new “zero-day” vulnerability discovered in Microsoft Office, and more specifically in Microsoft Word by the cybersecurity group “Nao-sec”, allows hackers to remotely access users’ PCs in order to steal personal data. The security flaw, dubbed “Follina” by researcher Kevin Beaumont, appears to affect different versions of the Microsoft Office suite. This includes version 2013 up to version 2021 and even Office Pro Plus and Office 365.

Vulnerability, in particular, allows run PowerShell commands through MSDT a support tool from Microsoft. All this, thanks to a simple Word document. Beaumont points out in a post that “the document uses the remote template feature” of Microsoft’s text editing program to “fetch HTML from a remote web server”, and at the same time uses an “ms- msdt MSProtocol” to load the code and run it in the aforementioned console interface. All this is not detected by Windows Defender and is executed even if macros are disabled.

Although Microsoft listed it as a zero-day vulnerability just hours ago, the flaw has been present in the Office suite for weeks according to Beaumont. The hackers seem to use Word documents whose content is intended to attract victims’ attention. These include accounts of people being sexually harassed or requests for interviews for Russian media. In addition, remote access is obtained as soon as the document is opened and, in some cases, even when previewed in the file explorer.

How to prevent your PC from being taken over by the new Word vulnerability


Microsoft, which at first did not consider this vulnerability as such, seems to be working on a patch, so it is likely that in the coming days the Office suite and even Windows, will receive a new security update to solve the problem. In the meantime, there are a number of steps you can take to prevent hackers from gaining access to your computer.

One of these measures is avoid opening or downloading unknown documents. For example, those who arrive by email. The vulnerability, remember, is loaded via a remote Word template. So it is very difficult for Microsoft Defender or any other similar antivirus to detect this file as a threat.

On the other hand, it is also possible to disable certain functions and processes of Microsoft Word, such as block office apps