Microsoft patches actively exploited Follina Windows zero-day (20th June 2022)

Ref# AL2022_39 | Date: Jun 20th 2022


Microsoft has released security updates as part of the monthly rollup of Windows Updates to address a critical Windows zero-day vulnerability known as Follina. 


This vulnerability is tracked as CVE-2022-30190. The security flaw is described as a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution bug that affects all Windows versions that are still receiving security updates (Windows 7+ and Server 2008+). When opening or previewing Word documents, Follina exploits allow threat actors to execute malicious PowerShell commands via MSDT (Arbitrary Code Execution (ACE)) attacks. 

How it works 

After successfully exploiting this zero-day vulnerability, an attacker can execute arbitrary code with the calling app”s privileges to install programs, view, change, or delete data, and even create new Windows accounts as permitted by the compromised user”s rights. 


To mitigate this threat, Microsoft strongly advises customers to install the updates to be fully protected from vulnerabilities. 

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary. 

PDF Download: Microsoft patches actively exploited Follina Windows zero-day.pdf