Daily Archives: May 31, 2022

  • Zero day in office – but don’t panic

    Posted on May 31, 2022 at 15:38 CDT by Comment in the Forums

    Microsoft Releases Workaround Guidance for MSDT “Follina”; Vulnerability

    05/31/2022 11:11 AM EDT

    Original release date: May 31, 2022

    Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as “Follina”—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. Microsoft has reported active exploitation of this vulnerability in the wild.

    CISA urges users and administrators to review Microsoft’s Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability and apply the necessary workaround.

    Here at Askwoody we are a bit more savvy.  WE DON’T OPEN THINGS WE AREN’T EXPECTING.  That said if you do want to proactively protect yourself ….

    Group policy fix – Just disable “Troubleshooting wizards” by GPO  see the location here:

    Registry fix:

    click on the search box, type in cmd

    Right mouse click on cmd in the menu bar to RUN AS ADMIN

    type in reg delete HKEY_CLASSES_ROOT\ms-msdt /f

    Click enter

    If you want to restore it back:

    This registry key will restore the troubleshooting wizard – link here

    Click on the downloads, double click to launch, follow the slightly scary instructions to import the registry key back in.

    =================

    Update 6/1/2022

    Now the URI for Search is being abused.

    Once again if you want to proactively protect yourself

    Run Command Prompt as Administrator.

    Execute the command “reg delete HKEY_CLASSES_ROOT\search-ms /f”

    If you want to restore it back, click here

    Windows Security , ,
DON'T MISS OUT!
Subscribe to the AskWoody Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • How to use the Forums
  • All Forums

    • Recent Topics

    May 2022
    S M T W T F S
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.