- Joined
- Oct 10, 2018
- Posts
- 3,290
- Solutions
- 9
- Reaction
- 37,832
- Points
- 4,498
This is the recently discovered follina exploit which is assigned as CVE-2022-30190. it allows the attacker to get a Remote Code
Execution (RCE) on your computer. in-order to trigger this exploit, the user need not even open the maldoc, he/she just needs to preview it!
the vulnerability lies in the ms-msdt url protocol -windows blindly executes code when this protocol is used along with some parameters and a Powershell Expression.
It can run Malicious commands and HΔck/Delete your files. And it can even Spam RICKROLL
I have tried writing a script of an exploit myself and it was powerful, i hope you guys be aware of opening and downloading DOCX. file and clicking Buttons :> .
I have prepared some of the workaround fix to avoid this kind of attack.
Keep Save bros. And i'm hoping you to be well aware of this. :>
Execution (RCE) on your computer. in-order to trigger this exploit, the user need not even open the maldoc, he/she just needs to preview it!
the vulnerability lies in the ms-msdt url protocol -windows blindly executes code when this protocol is used along with some parameters and a Powershell Expression.
It can run Malicious commands and HΔck/Delete your files. And it can even Spam RICKROLL
I have tried writing a script of an exploit myself and it was powerful, i hope you guys be aware of opening and downloading DOCX. file and clicking Buttons :> .
I have prepared some of the workaround fix to avoid this kind of attack.
You do not have permission to view the full content of this post. Log in or register now.
Last edited: