Despite the fact that the tech news media is making this out to be an MS Office problem, it's more than that. It's a feature built into all versions of Windows and can be exploited even if Office is not installed.
This has been seen in the wild, and can be exploited as a "no-click" attack.
You can read the boring drivel here: https://www.bleepingcomputer.com/news/s ... g-attacks/
But Steve Gibson posted a mitigation published by Microsoft that essentially removes the ms-msdt protocol handler from the registry. No one needs this feature, so it shouldn't break anything.
1. Run Command Prompt as Administrator.
2. Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt /f”
3. Reboot
To play safe, backup your registry first, or just the entire HKEY_CLASSES_ROOT\ms-msdt\ entry.
Windows Follina Zero-Day Mitigation
- FlyingPenguin
- Flightless Bird
- Posts: 32783
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
Windows Follina Zero-Day Mitigation
Christians warn us about the anti-christ for 2,000 years, and when he shows up, they buy a bible from him.
Re: Windows Follina Zero-Day Mitigation
Thanks for the head's up!
------------------------------------------