Windows 10: Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?

Discus and support Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch? in Windows 10 Software and Apps to solve the problem; Hello, I have an issue with the flow of information when using the MSRC Portal, as the Follina CVE CVE-2022-30190 is not showing as part of the CVE's... Discussion in 'Windows 10 Software and Apps' started by BenHWEX, Sep 6, 2022.

  1. BENHWEX
    BenHWEX Win User

    Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?


    Hello, I have an issue with the flow of information when using the MSRC Portal, as the Follina CVE CVE-2022-30190 is not showing as part of the CVE's addressed in the June 2022 patch, even though it does say that the June 2022 Security Patch fixes the Vulnerability. Please follow my steps: MSRC's Follina CVE page https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190 Navigate to the bottom and select the KB Article for Server 2019 this applies to all other KB Articles, but this is my examplehttps://support.microsoft.com/en-gb/topic/june-14-2022-kb5014692-os-build-17763

    :)
     
    BenHWEX, Sep 6, 2022
    #1
  2. ṢMEED
    Ṣmeed Win User
    Ṣmeed, Sep 6, 2022
    #2
  3. NLKS
    nlks Win User
    Follina - Impacted Software & Patches

    Hi,

    I would like to seek clarification on the Follina vulnerability - CVE-2022-30190.

    In some of the security blogs (e.g. this), it was mentioned that this vulnerability affecting several MS Office version, but according to Microsoft guide here, security patches were released for several OS. Therefore I have the following doubts:

    1. Does the vulnerability only impacting server/workstation with MS Office installed?

    2. Noticed the patches listed in the MS guide above were released on 30 May but I understand that Follina patches were released only on 14 Jun 2022. I further check the KB article and they does not stated to address CVE-2022-30190. So what are the relationship of the patches listed here?

    I would like to confirm the above to ensure my company endpoint are all patched to get protected.

    Thank you.
     
    nlks, Sep 6, 2022
    #3
  4. UBISI
    Ubisi Win User

    Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?

    CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    Hi Brain

    please simplify your response , do you mean if the folder ms-msdt is not in the registry , the server is not vulnarable to CVE-2022-30190
     
    Ubisi, Sep 6, 2022
    #4
Thema:

Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?

Loading...

  1. Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch? - Similar Threads - Was Follina CVE

  2. CVE-2022-30190 workaround for Windows 7

    in Windows 10 Gaming
    CVE-2022-30190 workaround for Windows 7: The guidance for CVE-2022-30190 mentions deleting the MSDT URL Protocol as a workaround for this vulnerability. https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/However, the FAQ says "The registry key...

  3. CVE-2022-30190 workaround for Windows 7

    in Windows 10 Software and Apps
    CVE-2022-30190 workaround for Windows 7: The guidance for CVE-2022-30190 mentions deleting the MSDT URL Protocol as a workaround for this vulnerability. https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/However, the FAQ says "The registry key...

  4. Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?

    in Windows 10 Gaming
    Was Follina CVE-2022-30190 not actually addressed in the June 2022 Security Patch?: Hello, I have an issue with the flow of information when using the MSRC Portal, as the Follina CVE CVE-2022-30190 is not showing as part of the CVE's addressed in the June 2022 patch, even though it does say that the June 2022 Security Patch fixes the Vulnerability. Please...

  5. Microsoft June 2022 Security Updates

    in Windows 10 Software and Apps
    Microsoft June 2022 Security Updates: June 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioAzure OMIAzure Real Time Operating SystemAzure Service Fabric ContainerIntelMicrosoft Edge Chromium-basedMicrosoft...

  6. Microsoft June 2022 Security Updates

    in Windows 10 Installation and Upgrade
    Microsoft June 2022 Security Updates: June 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioAzure OMIAzure Real Time Operating SystemAzure Service Fabric ContainerIntelMicrosoft Edge Chromium-basedMicrosoft...

  7. Microsoft June 2022 Security Updates

    in Windows 10 Gaming
    Microsoft June 2022 Security Updates: June 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioAzure OMIAzure Real Time Operating SystemAzure Service Fabric ContainerIntelMicrosoft Edge Chromium-basedMicrosoft...

  8. CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    in Windows 10 Software and Apps
    CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability: Hello Guys,Could you please help me on this.For the Microsoft Diagnostic Tool Vulnerability I have found the workaround like below.Run Command Prompt as Administrator.To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename“Execute the...

  9. CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    in Windows 10 Gaming
    CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability: Hello Guys,Could you please help me on this.For the Microsoft Diagnostic Tool Vulnerability I have found the workaround like below.Run Command Prompt as Administrator.To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename“Execute the...

  10. [NEW UNPATCHED EXPLOIT] How to be safe from the CVE-2022-30190 exploit workaround /...

    in AntiVirus, Firewalls and System Security
    [NEW UNPATCHED EXPLOIT] How to be safe from the CVE-2022-30190 exploit workaround /...: So, there has been a new exploit called CVE-2022-30190 MSDT exploit that's been going on for about 7 weeks not 100% accurate and I kinda wanted to make a little post about the official temporary workaround Microsoft Security Response Center article here. Also yes, it should...