#TB220601MR – Microsoft “Follina” Vulnerability

  • Version
  • Download 102
  • File Size 161.43 KB
  • File Count 1
  • Create Date June 8, 2022
  • Last Updated June 8, 2022

Title: Microsoft “Follina” Vulnerability
Date: June 6, 2022

Description:
Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as "Follina"—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. Microsoft has reported active exploitation of this vulnerability in the wild.

Vulnerability ID:
CVE-2022-30190

Issue Summary:
Microsoft Publication: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
CVE Details: CVE-2022-30190

Vulnerable Products:
Systems Running the Following Operating System’s:

  • Windows 10
  • Server 2016
  • Server 2019