Microsoft’s June Patch Tuesday includes a belated repair for a remote code execution vulnerability named Follina. The vulnerability works when actors send malicious Office files containing a link to a. HTML file that executes code in the Microsoft Support Diagnostic Tool. It works even with macros disabled and when previewing, rather than opening, an Office file. Other five dozen security holes plugged in Junes Patch Tuesday are vulnerabilities affecting Microsoft Windows and Windows components; Microsoft Office and Office components;.NET and Visual Studio; Microsoft Edge (Chromium-based); SharePoint server; Windows Defender; Windows App Store.”]
Source: https://www.cuinfosecurity.com/late-fix-for-follina-on-microsoft-patch-tuesday-a-19353