Skip to content

Latest commit

 

History

History
24 lines (16 loc) · 1.02 KB

follina.md

File metadata and controls

24 lines (16 loc) · 1.02 KB
Raw

Follina Windows Exploit (May-June 2022)

Microsoft Security: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

YouTube: Dave's Garage: New Windows Zero-Day Exploit - How to protect your PC from Follina

  • This is a zero-day, application remote execution exploit.
  • It effects Microsoft Support Diagnostic Tool.
  • This tool is part of Microsoft Office.
  • When you open an infected Microsoft document, a malicious template is downloaded and executed.
  • The approved workaround is to backup then delete the HKEY_CLASSES_ROOT\ms-msdt registry.

Backup and Delete

  1. Start > Registry Editor
  2. Locate this directory: HKEY_CLASSES_ROOT\ms-msdt
  3. Right-click > Export > Save as msdtbackup.reg in an accessible location.
  4. Confirm export.
  5. Delete this directory.

Restore

Double-click the backup file. Keys are automatically re-intalled.