15 June 2022

Microsoft June 2022 Patch Tuesday includes much anticipated fix for Windows MSDT zero-day


Microsoft has released its monthly batch of security updates that address over 50 vulnerabilities in the Windows operating system, Microsoft Office, Hyper-V Server, Azure, Windows Defender, and other products. More importantly, June’s Patch Tuesday resolves CVE-2022-30190, the Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution bug (aka ‘Follina’) reported to be under active attack.

Discovered and disclosed last month, the Follina vulnerability exists due to improper input validation when processing a URL within the Microsoft Windows Support Diagnostic Tool (MSDT). It allows a remote unauthenticated hacker to execute arbitrary OS commands on a vulnerable system by tricking the victim into opening a specially crafted file, which calls the ms-msdt tool.

Shortly after the public disclosure, multiple threat actors were observed exploiting the bug, including widespread phishing attacks that distributed QBot, as well as malicious campaigns targeting governments in Europe, the US, and Ukraine.

In addition, the June 2022 Patch Tuesday updates address multiple high-risk vulnerabilities affecting Microsoft Azure, Photos App, Windows LDAP, Microsoft Windows Network File System, Microsoft HEVC Video Extensions, Microsoft Excel, and other software.
