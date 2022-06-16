A few days ago we were able to talk about the vulnerability known as ‘Follina’, one that affects all versions of Microsoft Word from Office 2013, and that combined with an exploit in the search-ms or ms-msdt protocol, it was possible to infect a computer with Windows 10 or 11 just by previewing a text document. Well, Microsoft has been late, but finally There is already an official patch to solve this problem.

Although it has been exploited since April 12, Microsoft did not consider it a problem, since the MSDT utility that needed to be used before the search-ms exploit needed a key provided by a support technician from the firm. However, a defect in the URI scheme of said protocol allowed the malware to evade any security system. Under these lines we tell you how to install the patch so you don’t rely on workarounds.

The latest security patch fixes the vulnerability

The latest patch released yesterday, Tuesday, June 14, solves a multitude of security problems linked to the company’s operating system, including the Follina vulnerability. Identified as ‘CVE-2022-30190’, the problem can already be solved with just update the system with the latest security patches. To find out just in case if we already have it installed, just go to Windows Update on the system and look for the latest updates.

updates fix a total of 61 vulnerabilities, including those related to Follina. Also included in the list are updates for the Intel MMIO vulnerability. You can find the full list through this link.

This vulnerability has been exploited by all kinds of cybercriminals with the aim of compromising the security of US government agencies, or even Ukrainian media organizations.

Via | Twitter