Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates.
Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five more shortcomings were resolved in the Microsoft Edge browser.
Tracked as CVE-2022-30190 (CVSS score: 7.8), the zero-day bug relates to a remote code execution vulnerability affecting the Windows Support Diagnostic Tool (MSDT) when it’s invoked using the “ms-msdt:” URI protocol scheme from an application such as Word.
The vulnerability can be trivially exploited by means of a specially crafted Word document that downloads and loads a malicious HTML file through Word’s remote template feature. The HTML file ultimately permits the attacker to load and execute PowerShell code within Windows.
“An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application,” Microsoft said in an advisory. “The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”
images from Hacker News