A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190 (CVSS score: 7.8). No less than 1,000 phishing messages containing a lure document were sent to the targets. The Follina vulnerability, which leverages the "ms-msdt" protocol URI scheme to remotely take control of target devices, remains unpatched, with Microsoft urging customers to disable the protocol to prevent the attack vector