On 9 June 2022 13:17:29 Vangelis Katsikaros via clamav-users
<clamav-users@lists.clamav.net> wrote:
Hi
I am not a security person so I apologize if the question sounds stupid.
I'd like to ask if there is a signature in the clamav DB to recognise
Microsoft word documents affected by the "Follina" - CVE-2022-30190 remote
code execution vulnerability.
I've added a few signatures into phish.ndb quite a few days ago to detect
Follina... including some of the poc versions that use pdf files.
There are some Follina sigs in the official signatures as well.
Hope this is a reassurance.
Cheers,
Steve
Twitter: @sanesecurity
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
