
June 2022 Patch Tuesday: Microsoft Patches Follina, CVE-2022-30136


Microsoft’s June 2022 Patch Tuesday has rolled out, containing fixes for 55 vulnerabilities, including the infamous Follina flaw. Until today, only a mitigation was available for the CVE-2022-30190 Microsoft Office zero-day which could be leveraged in arbitrary code execution attacks.

More about Follina

The vulnerability was unearthed by the nao_sec research team after it spotted a Word document uploaded to VirusTotal from a Belarusian IP address. The researchers posted a series of tweets detailing their discovery. The document uses Microsoft Word’s external link feature to load an HTML file, which in turn invokes the ‘ms-msdt’ URI scheme to execute PowerShell code.
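The chain described above leaves two traces inside the .docx package itself: a relationship entry that loads content from outside the document, and the ‘ms-msdt’ scheme somewhere in the package. The following scanner is an added example for defenders, not code from the article or from nao_sec; it builds a minimal constructed .docx in memory (with a placeholder URL, not a real one) and reports both indicators so the logic can be run offline against a quarantined file.

```python
"""Flag Follina-style indicators in a .docx: an external OLE-object relationship
and any occurrence of the ms-msdt: URL scheme. Added example, not from the
original article; the sample package built below is constructed for testing."""
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from typing import List, Optional

RELS_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OLE_REL_TYPE = ("http://schemas.openxmlformats.org/officeDocument/2006/"
                "relationships/oleObject")
# Match the diagnostic-tool scheme anywhere in a part, regardless of case.
MSDT_RE = re.compile(rb"ms-msdt:", re.IGNORECASE)


def scan_docx(data: bytes) -> List[str]:
    """Return human-readable findings for a .docx supplied as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            blob = zf.read(name)
            # Indicator 1: a relationship that fetches an OLE object from outside
            # the package (TargetMode="External") instead of an embedded part.
            if name.endswith(".rels"):
                root = ET.fromstring(blob)
                for rel in root.iter(f"{{{RELS_NS}}}Relationship"):
                    if (rel.get("TargetMode") == "External"
                            and rel.get("Type") == OLE_REL_TYPE):
                        findings.append(
                            f"{name}: external OLE object -> {rel.get('Target')}")
            # Indicator 2: the ms-msdt: scheme in any part of the package.
            if MSDT_RE.search(blob):
                findings.append(f"{name}: contains ms-msdt: URL scheme")
    return findings


def build_sample_docx(external_target: Optional[str] = None,
                      body_text: str = "") -> bytes:
    """Constructed minimal Word package for testing the scanner (hypothetical
    content). When external_target is given, an external oleObject
    relationship pointing at it is added, mirroring the Follina pattern."""
    rels = ['<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/'
            'officeDocument/2006/relationships/styles" Target="styles.xml"/>']
    if external_target:
        rels.append(f'<Relationship Id="rId2" Type="{OLE_REL_TYPE}" '
                    f'Target="{external_target}" TargetMode="External"/>')
    rels_xml = (f'<?xml version="1.0" encoding="UTF-8"?>'
                f'<Relationships xmlns="{RELS_NS}">' + "".join(rels)
                + "</Relationships>")
    doc_xml = ('<?xml version="1.0"?><w:document xmlns:w="http://schemas.'
               'openxmlformats.org/wordprocessingml/2006/main"><w:body>'
               f'<w:p><w:r><w:t>{body_text}</w:t></w:r></w:p>'
               '</w:body></w:document>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml",
                    '<?xml version="1.0"?><Types xmlns="http://schemas.'
                    'openxmlformats.org/package/2006/content-types"/>')
        zf.writestr("word/document.xml", doc_xml)
        zf.writestr("word/_rels/document.xml.rels", rels_xml)
    return buf.getvalue()


if __name__ == "__main__":
    clean = build_sample_docx()
    suspicious = build_sample_docx("http://example.invalid/placeholder.html!",
                                   "ms-msdt: reference placeholder")
    print("clean:", scan_docx(clean))
    print("suspicious:", scan_docx(suspicious))
```

A benign document yields no findings; the constructed suspicious package reports both the external OLE relationship and the scheme string. In practice the scan belongs at the mail gateway or in a sandbox, and a hit on either indicator is enough to hold the attachment for review.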

Notably, Microsoft first classified the issue as a non-security vulnerability in April, after a researcher with Shadow Chaser Group reported observing a public exploit. Even after admitting that the issue was actively exploited in the wild, Microsoft did not describe it as a zero-day.

The news that Follina is finally patched matters a great deal for the security of organizations. The flaw circumvented all security protections, including Microsoft Office’s Protected View, and could execute PowerShell scripts simply by opening a Word document. Not surprisingly, it didn’t take long for threat actors to weaponize the vulnerability and use it in phishing attacks that dropped QBot. These attacks targeted US government agencies and Ukrainian media companies.

Fortunately, today is the day that Follina gets fixed alongside the rest of the issues addressed in Patch Tuesday June 2022. The fix for the flaw is included in this month’s cumulative updates, but there’s a standalone security fix for Windows Server, too.

June 2022 Patch Tuesday

The rest of the vulnerabilities that received patches include 12 elevation of privilege vulnerabilities, 12 security feature bypass issues, 27 remote code execution bugs, 11 information disclosure vulnerabilities, 3 denial of service bugs, and 1 spoofing vulnerability.

Of all these flaws, one of the critical bugs, CVE-2022-30136, deserves special attention. It is a Network File System (NFS) issue rated 9.8 out of 10 on the CVSS scale. According to security researchers, the vulnerability is “eerily similar” to CVE-2022-26937.

“On the surface, the only difference between the patches is that this month’s update fixes a bug in NFSV4.1, whereas last month’s bug only affected versions NFSV2.0 and NFSV3.0. It’s not clear if this is a variant or a failed patch or a completely new issue. Regardless, enterprises running NFS should prioritize testing and deploying this fix,” said Jai Vijayan, contributing writer for DarkReading.

We kindly remind you that keeping your (Windows) operating system up-to-date is a crucial aspect of your online security. So, don’t take too long!

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
