Thursday ThreatCast - Exposing and Mitigating the Follina Vulnerability

Presented by

Matt Kiely, Alex Jones

About this talk

On May 27th 2022, a new zero-day remote code execution (RCE) vulnerability (CVE-2022-30190P) was discovered in the Microsoft Support Diagnostic Tool (MSDT). According to Microsoft, “An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.” The Follina vulnerability allows an attacker to execute arbitrary code using a malicious Word document. This vulnerability leverages the built-in MS URL handlers to trigger msdt.exe – this process can then be used to execute PowerShell command. This webinar will dive into the offensive exploits and defensive remediations to defend with confidence against the Follina vulnerability.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (11)
Subscribers (1437)
SimSpace delivers a cybersecurity risk management platform, instilling confidence in an organization’s cybersecurity talent and technologies. With SimSpace, security teams, operational processes, and environments are continuously tested, readily available, and optimally tuned to defend against advanced adversaries.