Microsoft Patch Fixes Follina Bug



Microsoft issued its last regular patch update round this week, fixing over 50 CVEs, including the malicious zero-day bug “Follina.”

Officially named CVE-2022-30190, Follina, as reported last week, is being exploited in the wild by state-backed actors and the operators behind Qakbot, which has links to ransomware groups. It’s a remote code execution (RCE) bug affecting the popular utility Windows Support Diagnostic Tool (MSDT).

As well as patching Follina, Microsoft patched three other critical vulnerabilities this month.

Read more…