Security News > 2022 > June > Windows MSDT zero-day vulnerability gets free unofficial patch

A free unofficial patch is now available to block ongoing attacks against Windows systems that target a critical zero-day vulnerability known as 'Follina.
The bug, now tracked as CVE-2022-30190 and described by Redmond as a Microsoft Windows Support Diagnostic Tool remote code execution flaw, impacts all Windows versions still receiving security updates.
Attackers who successfully exploit this zero-day can execute arbitrary code with the privileges of the calling app to install programs, view, change, or delete data, or create new Windows accounts as allowed by the user's rights.
It would be best to toggle off the Preview pane in Windows Explorer to remove it as an additional attack vector exploitable when previewing malicious documents.
Windows Server 2008 R2. Instead of disabling the MSDT URL protocol handler, 0patch has added sanitization of the user-provided path to avoid rendering the Windows diagnostic wizardry inoperable across the OS for all applications.
CISA has also urged Windows admins and users to disable the MSDT protocol after Microsoft reported active exploitation of the vulnerability in the wild.
News URL
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-01 | CVE-2022-30190 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. | 0.0 |