Teqworks Managed Security has been monitoring the development of an active zero-day threat, referred to as “Follina” (CVE-2022-30190). This vulnerability was originally identified on May 27, and security platforms continue to update as details emerge.
In short, an attacker can utilize the Microsoft Support Diagnostic Tool (MSDT) to run arbitrary code on a computer or server. MSDT can be run by executing a URL through a known acceptable application, such as Word, which then allows the arbitrary code to run with permissions of the logged-in user.
Microsoft has published workarounds and advisories to disable the vulnerability. Teqworks is evaluating machines that are exposed to this vulnerability and applying the fixes as they are identified.
Teqworks clients under our Advanced Threat Protection service are being actively monitored and remediated by our 24×7 Security Operations Center partner.
For more details about this advisory, please reference the linked document provided by our Security Operation Center partner:
Please contact Teqworks at 630.482.2227 or reply to this message to request additional information about this security advisory.
For more information about world-class IT management, delivered locally, please contact me directly:
|Matt SidmanMatt@teqworks.com | Phone: 630.482.2227 x305 | Web: www.teqworks.comTwitter: @teqworks | LinkedIn: https://www.linkedin.com/in/mattsidmanPresident & Chief Solution Architect Teqworks, Inc. Email: