On 30. May 2022 a vulnerability in Microsoft Word was published with CVE-2022-30190.
The vulnerability abuses Microsoft Windows Support Diagnostic Tool (MSDT) for remote code execution, through infected documents opened or previewed in Microsoft Word.
After a thorough investigation, we've determined that Templafy One and Hive are not vulnerable to this attack.
Further, the Microsoft prescribed mitigations for this vulnerability can safely be enabled by Templafy customers, without causing any disruptions to the functionality of the Templafy platform.
Templafy has itself activated necessary mitigations through attack surface reduction rules and has eliminated exposure to this vulnerability internally.
We will continue to monitor any further developments in this vulnerability, as well as apply any patches and hotfixes as soon as they are available from Microsoft.