Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. "Follina" Microsoft Support Diagnostic Tool Vulnerability
Alerts

"Follina" Microsoft Support Diagnostic Tool Vulnerability

1 June 2022

Microsoft has released a security notice regarding a remote code execution vulnerability (CVE-2022-30190) in Microsoft Support Diagnostic Tool (MSDT). There are reports of the vulnerability being exploited in the wild.

Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code with the privileges of the calling application. It also enables the attacker to install programs, view, change, delete data, or create new accounts in the context allowed by the user's rights.

The patch for this vulnerability is not available yet. In the meantime, users and administrators are advised to disable the MSDT URL protocol. Please refer to the workaround and detection steps published by Microsoft here.

References:

https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug


Back to top