diff --git a/Exclusion Rules/900000-exclusion_rules.xml b/Exclusion Rules/900000-exclusion_rules.xml index 27f205c..4e16c8f 100644 --- a/Exclusion Rules/900000-exclusion_rules.xml +++ b/Exclusion Rules/900000-exclusion_rules.xml @@ -771,4 +771,11 @@ no_full_log DLL file created by printer spool service, possible malware binary drop from PrintNightmare exploit + + + 100508 + (?i)^C:\\\\Program Files\\\\Microsoft Office\\\\root\\\\Office16\\\\WINWORD\.EXE$|(?i)^C:\\\\Program Files\\\\Microsoft Office\\\\root\\\\Office16\\\\POWERPNT\.EXE$|(?i)^C:\\\\Program Files \(x86\)\\\\Microsoft Office\\\\root\\\\Office16\\\\WINWORD\.EXE$ + no_full_log + Sysmon - Event 1: Process $(win.eventdata.description) - MS RCE Follina Detection. +
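Review bot: The new exclusion for rule 100508 silences the Follina detection on an Office16 executable path alone, and the field the pattern is matched against is not visible in this rendering of the hunk. If that field is the parent image rather than the process image, the exclusion would suppress the Office-spawns-child case the detection presumably exists for, so confirm the field and consider also constraining the rule on the benign child image or command line. The alternation is asymmetric: the `Program Files (x86)` path is listed for WINWORD.EXE but not POWERPNT.EXE. If that omission is unintentional, one pattern with a single `(?i)` covers all four paths: `(?i)^C:\\\\Program Files(?: \(x86\))?\\\\Microsoft Office\\\\root\\\\Office16\\\\(?:WINWORD|POWERPNT)\.EXE$`. The description repeats the detection wording ("MS RCE Follina Detection"); something like `Exclusion: Office16 Word/PowerPoint process creation matched by rule 100508` would make the rule's purpose clear to anyone auditing the exclusion list.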