There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets Microsoft Word, although this attack is not limited to only Word. Other Microsoft applications as well as applications that support Microsoft Protocols could also be utilized to execute this technique.
Listen on the go:Â https://cyberthreatperspective.buzzsprout.com/1731753/10714317-threat-intel-flash-briefing-follina-cve-2022-30190
Resources:
- Security Update Guide – Microsoft Security Response Center
- https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
- https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
- https://github.com/NVISOsecurity/nviso-cti/blob/master/advisories/29052022%20-%20msdt-0-day.md
- Exploiting MSDT 0-Day CVE-2022-30190