Tag Archives: Windows

Windows MSDT 0-day vulnerability "DogWalk" receives 0patch fix

[German]In addition to the Follina vulnerability (CVE-2022-30190) in the Windows ms-msdt protocol, there is another DogWalk-named vulnerability in connection with the Microsoft Diagnostic Tool (MSDT). This vulnerability was reported to Microsoft two years ago, but is unlikely to be patched. … Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Advertising

Windows Vulnerability Follina (CVE-2022-30190): New findings, new risks (June 9, 2022)

[German]The unpatched Windows vulnerability CVE-2022-30190 (Follina) which has been known since late May 2022, is slowly becoming a problem. The countermeasures described by Microsoft (and here in my blogs) do not seem sufficient. And the vulnerability is now also exploited … Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Follina (CVE-2022-30190): No major attack wave, but campaigns on EU/US and other targets

[German]A 0-day vulnerability CVE-2022-30190 (Follina) in Windows has been known since the end of May 2022. Yesterday, a tip from a security researcher came to my attention, who has not yet found any active exploitation via manipulated Office documents. On … Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Advertising

Microsoft account lockout due to bug when redeeming Microsoft Rewards Points (June 3, 2022)

[German]Another small addendum (almost a warning) to owners of Microsoft accounts. It seems that there was a bug in the account management that caused the account in question to be locked when its owner tried to read in so-called Reward … Continue reading

Posted in Cloud, issue, Office, Windows | Tagged , , | Leave a comment

Large collection of Windows exploits on GitHub

[German]Microsoft patches numerous vulnerabilities in Windows (and other products) every month. Often known vulnerabilities, but not closed by updates, are used in attacks. The other day I came across a large collection of Windows vulnerabilities that can be exploited by … Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Advertising

SearchNightmare: Windows 10 search-ms: URI Handler 0-day Exploit with Office 2019

[German]Following the discovery of the Follina vulnerability exploit (CVE-2022-30190) via the Windows ms-msdt protocol, this bastion is being "stormed". A hacker looked at the search-ms: URI handler in Windows 10 and developed an exploit similar to Follina. With the help … Continue reading

Posted in Office, Security, Windows | Tagged , , | 1 Comment

0Patch Micro patch against Follina vulnerability (CVE-2022-30190) in Windows

[German]The ACROS Security team around founder Mitja Kolsek has released a micro-patch to close the 0-click Microsoft Diagnostic Tool remote code vulnerability (CVE-2022-30190, Follina). The micro-patch is available for all customers with Windows and the 0patch agent free license. Here … Continue reading

Posted in Security, Windows | Tagged , , | 1 Comment

Follina vulnerabilitiy (CVE-2022-30190): Status, Findings, Warnings & Attacks

[German]Since the weekend, a new Windows vulnerability CVE-2022-30190 in combination with Microsoft Office has been knows under the name Follina. In the meantime, the US CISA and also the BSI have warned about this vulnerability – while security researchers have … Continue reading

Posted in Office, Security, Windows | Tagged , , | 2 Comments

Advertising

Microsoft 365: Activation issues with Windows Pro Enterprise (May 31, 2022)

[German]Quick question for administrators in the enterprise environment who manage Microsoft 365 licenses (volume licenses, E3/E5). Are you currently experiencing problems with Windows Pro systems no longer activating or losing activation? I have received indications from the readership regarding this … Continue reading

Posted in issue, Windows | Tagged , | 3 Comments

Follina: Attack via Word documents and ms-msdt protocol (CVE-2022-30190)

[German]A new attack vector has been known since the weekend that abuses the Microsoft Support Diagnostics Utility via the ms-msdt: protocol to download and abuse malicious Word documents (or Excel spreadsheets) from the web. Microsoft has since issued a support … Continue reading

Posted in Office, Security, Windows | Tagged , , | 3 Comments