The ONGC Cyber Security Team is aware of a critical vulnerability that has been identified to affect a core component of the Microsoft Office Suite. The vulnerability also known as “Follina” allows for the remote execution of arbitrary code via the Microsoft Support Diagnostic Tool (MSDT).
As of 1st of June there is no official patch for this vulnerability, and it is unknown as to when one will be made available by Microsoft.
ONGC Systems are taking a proactive approach to disable the vulnerable application. We do not anticipate this to have an impact on the standard use of Microsoft Office applications. We will be in touch to discuss the deployment of this solution.
ONGC’s solution is reversible and will be coordinated to reintroduce the functionality once an official patch has been released from Microsoft.
Once a security patch has been made available, ONGC will test this internally before deploying to our clients, in the process removing the temporary fix.
Should you require any further information or have any concerns about your IT systems please reach out to our Service Desk on 07 5594 0099 or firstname.lastname@example.org.