Windows Follina Zero-Day Mitigation


Post by FlyingPenguin »

Despite the fact that the tech news media is making this out to be an MS Office problem, it's more than that. It's a feature built into all versions of Windows and can be exploited even if Office is not installed.

This has been seen in the wild, and can be exploited as a "no-click" attack.

You can read the boring drivel here: https://www.bleepingcomputer.com/news/s ... g-attacks/

But Steve Gibson posted a mitigation published by Microsoft that essentially removes the ms-msdt protocol handler from the registry. No one needs this feature, so it shouldn't break anything.

1. Run Command Prompt as Administrator.
2. Execute the command "reg delete HKEY_CLASSES_ROOT\ms-msdt /f"
3. Reboot

To play it safe, back up your registry first, or just the entire HKEY_CLASSES_ROOT\ms-msdt\ entry.
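The steps from the post above, with the backup taken first and each result checked, as an added example that is not part of the original post or of Microsoft's published text. The backup folder and file name are assumptions; the saved file can be restored later with "reg import <file>".

```powershell
# Added example: back up, then remove, the ms-msdt protocol handler.
# Run from an elevated PowerShell session. $BackupDir is an assumed location.
$Key       = 'HKEY_CLASSES_ROOT\ms-msdt'
$BackupDir = "$env:SystemDrive\RegBackup"   # assumption: any writable folder works
$Backup    = Join-Path $BackupDir ("ms-msdt_{0}_{1:yyyyMMdd-HHmmss}.reg" -f $env:COMPUTERNAME, (Get-Date))

# Step 1 of the post: deleting under HKEY_CLASSES_ROOT needs administrator rights.
$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated (Administrator) session.'
}

# If the handler is already gone there is nothing to back up or delete.
if (-not (Test-Path -LiteralPath "Registry::$Key")) {
    Write-Output "$Key is not present; mitigation already applied."
    return
}

# Export first so the key can be restored later with: reg import <file>
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
& reg.exe export $Key $Backup /y | Out-Null
$exportOk = ($LASTEXITCODE -eq 0) -and (Test-Path -LiteralPath $Backup) -and
            ((Get-Item -LiteralPath $Backup).Length -gt 0)
if (-not $exportOk) {
    throw "Backup of $Key failed; the key was left in place."
}

# Step 2 of the post: delete the handler, then confirm it is really gone.
& reg.exe delete $Key /f | Out-Null
if (($LASTEXITCODE -ne 0) -or (Test-Path -LiteralPath "Registry::$Key")) {
    throw "Delete of $Key failed; the backup is at $Backup."
}

# Step 3 of the post is left to the operator.
Write-Output "Removed $Key. Backup saved to $Backup. Reboot to finish."
```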

Re: Windows Follina Zero-Day Mitigation

Post by Losbot »

Thanks for the heads-up!