Microsoft has released its monthly batch of security updates that address over 50 vulnerabilities in the Windows operating system, Microsoft Office, Hyper-V Server, Azure, Windows Defender, and other products. More importantly, June’s Patch Tuesday resolves CVE-2022-30190, the Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution bug (aka ‘Follina’) reported to be under active attack.
Discovered and disclosed last month, the Follina vulnerability exists due to improper input validation when processing URL within the Microsoft Windows Support Diagnostic Tool (MSDT). It allows a remote unauthenticated hacker execute arbitrary OS commands on a vulnerable system by tricking the victim into opening a specially crafted file, which calls the ms-msdt tool.
Shortly after the public disclosure, multiple threat actors were observed exploiting the bug, including widespread phishing attacks that distributed QBot, as well as malicious campaigns targeting governments in Europe, the US, and Ukraine.
In addition, the June 2022 Patch Tuesday updates address multiple high-risk vulnerabilities affecting Microsoft Azure, Photos App, Windows LDAP, Microsoft Windows Network File System, Microsoft HEVC Video Extensions, Microsoft Excel, and other software.