Information regarding Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190) aka "Follina"

Information applies to:

Products

Panda Adaptive Defense 360 on Aether Platform	Panda Adaptive Defense on Aether Platform
Panda Endpoint Protection on Aether Platform	Panda Endpoint Protection Plus on Aether Platform

A zero-day Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190), also known as "Follina", has been identified when MSDT is called using the URL protocol from a calling application such as Word. As explained in the MSRC Blog Entry, an attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user?s rights.

In relation to this vulnerability, Panda Endpoint Security products can detect and block these attacks conducted via this exploit as Exploit/CVE-2022-30190:

We recommend that you apply the mitigations described by Microsoft to minimize the impact of this vulnerability.

Help nº- 20220602 100079 EN

Have you resolved your query with this article?

yes no

Thanks for your answer

Why didn't you find it helpful?

The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.

Talk to a technician!

ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT

Contact our technicians:

1-844-956-2648 1-866-748-2157x2 PREMIUM1-844-255-7356 Email us

ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT

Panda Technical
Support

Need help?

Information regarding Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190) aka "Follina"

Why didn't you find it helpful?

Talk to a technician!

Contact our technicians:

About Panda

Home Users

Business