Security News > 2022 > June > Windows MSDT zero-day vulnerability gets free unofficial patch

Windows MSDT zero-day vulnerability gets free unofficial patch
2022-06-01 15:31

A free unofficial patch is now available to block ongoing attacks against Windows systems that target a critical zero-day vulnerability known as 'Follina.

The bug, now tracked as CVE-2022-30190 and described by Redmond as a Microsoft Windows Support Diagnostic Tool remote code execution flaw, impacts all Windows versions still receiving security updates.

Attackers who successfully exploit this zero-day can execute arbitrary code with the privileges of the calling app to install programs, view, change, or delete data, or create new Windows accounts as allowed by the user's rights.

It would be best to toggle off the Preview pane in Windows Explorer to remove it as an additional attack vector exploitable when previewing malicious documents.

Windows Server 2008 R2. Instead of disabling the MSDT URL protocol handler, 0patch has added sanitization of the user-provided path to avoid rendering the Windows diagnostic wizardry inoperable across the OS for all applications.

CISA has also urged Windows admins and users to disable the MSDT protocol after Microsoft reported active exploitation of the vulnerability in the wild.


News URL

https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-vulnerability-gets-free-unofficial-patch/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-06-01 CVE-2022-30190 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word.
local
low complexity
microsoft CWE-610
7.8
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Free 9 0 3 1 3 7