One Article Review
| Source |  Minerva |
|---|---|
| Identifiant | 5667596 |
| Date de publication | 2022-05-31 16:33:34 (vue: 2022-07-12 10:03:33) |
| Titre | New Microsoft Office “Follina” zero-day Already Shared on Ransomware Forums |
| Texte |
The new zero-day MS Word vulnerability recently discovered by Nao_Sec on May 27, 2022, titled 'Follina' (CVE-2022-30190) targeting Microsoft Office is being actively utilised, Minerva researchers found. The exploit targets a vulnerability in Microsoft's Windows Support Diagnostic Tool (MSDT) that occurs due to the ms-msdt MSProtocol URI scheme which could load code and execute via PowerShell despite macros being disabled. Successful exploitation of the CVE enables an attacker to execute arbitrary code on the targeted host. However, the attacker must socially engineer the victim into opening a specially crafted file to exploit this issue which requires a targeted effort to succeed making the vulnerability less prominent to unskilled actors but highly relevant to ransomware gangs such as CONTI, CL0P and ALPHV. To combat this new threat businesses must focus on threat prevention-an approach in which Minerva excels. |
| Envoyé | Oui |
| Condensat | 2022 30190 actively actors alphv already approach arbitrary attacker being businesses but cl0p code combat conti could crafted cve day despite diagnostic disabled discovered due effort enables engineer excels execute exploit exploitation file focus follina forums found gangs highly host however issue less load macros making may microsoft minerva msdt msprotocol must nao new occurs office opening powershell prevention prominent ransomware recently relevant requires researchers scheme sec shared socially specially succeed successful such support targeted targeting targets threat titled tool unskilled uri utilised victim vulnerability which windows word zero “follina” |
| Tags | Ransomware Tool Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.