VIETNAM INFORMATION SECURITY ASSOCIATION

The risk of cyber attacks through the Follina vulnerability in Microsoft’s tool

According to the Information Security Administration, Microsoft has yet to release a patch for the Follina vulnerability in the Microsoft Support Diagnostic Tool, while exploit code for the vulnerability has already been published on the Internet. The Microsoft Support Diagnostic Tool is a hidden tool in Windows 10 that reports errors on a user’s computer to Microsoft for diagnosis.

The Department of Information Security, Ministry of Information and Communications, has officially issued a warning about the CVE-2022-30190 security vulnerability (also known as the Follina vulnerability) in the Microsoft Support Diagnostic Tool to the IT units of ministries, branches and localities; state-owned groups and corporations; commercial banks and financial institutions; and the network of information security support units.

[Figure caption: Risk of cyber attacks through the Follina vulnerability in the Microsoft Support Diagnostic Tool. The Information Security Administration recommends that units check, review and identify machines running Windows that are likely to be affected by the Follina vulnerability.]

According to the Information Security Administration, on May 30 Microsoft officially announced the Follina security vulnerability in the Microsoft Support Diagnostic Tool, which affects Microsoft Office 2013/2016/2019/2021 and the Professional Plus editions. The vulnerability allows an attacker to execute arbitrary code and thereby view, change or delete data…

The first signs of exploitation of the Follina vulnerability were seen on April 12, when malicious Word documents were used to execute PowerShell code. “At this time, Microsoft has not yet released a patch for this vulnerability, while Follina exploit code has been widely published on the Internet; this shows that the impact of this vulnerability is very large,” the Information Security Administration said.

In order to ensure information security for the information systems of agencies, units and businesses, and to contribute to the safety of Vietnam’s cyberspace, the Information Security Department recommends that units check, review and identify machines running the Windows operating system that are likely to be affected by the Follina vulnerability.

Noting once again that Microsoft has not yet released a patch for the Follina security vulnerability, the Information Security Administration expert pointed out that units need to apply interim workarounds to minimize the risk of attack until Microsoft publishes a patch.
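The article does not spell out what the interim workaround is. The following PowerShell script is an added example, not code from the article or from the Department of Information Security: it audits whether a Windows host still has the ms-msdt: URL protocol handler registered (the registration that Follina-style documents reach through MSDT) and, with the -Remediate switch, applies Microsoft's published interim workaround of backing up and deleting that registration. The backup path and the script name are assumptions.

```powershell
# Added example (not from the article or the Information Security Department):
# audit whether this host still exposes the ms-msdt: URL protocol handler that
# CVE-2022-30190 (Follina) abuses, and optionally apply Microsoft's interim
# workaround of backing up and removing that registration.
# Run in an elevated PowerShell session.
[CmdletBinding()]
param(
    # Report only by default; pass -Remediate to back up and delete the handler.
    [switch]$Remediate,
    # Where the registry backup is written before deletion (assumed path; adjust as needed).
    [string]$BackupPath = "$env:ProgramData\follina-ms-msdt-backup.reg"
)

# HKCR: is not mounted as a drive by default, so address it through the Registry provider.
$handlerKey = 'Registry::HKEY_CLASSES_ROOT\ms-msdt'

function Get-OfficeVersion {
    # Click-to-Run installs record the product version here; MSI installs may not.
    $c2r = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
    if (Test-Path $c2r) {
        return (Get-ItemProperty -Path $c2r -Name VersionToReport -ErrorAction SilentlyContinue).VersionToReport
    }
    return $null
}

function Test-MsdtHandler {
    # True when the ms-msdt: protocol is still registered, i.e. the host is still exposed.
    return (Test-Path $handlerKey)
}

$office = Get-OfficeVersion
Write-Host "Office version: $(if ($office) { $office } else { 'not detected via Click-to-Run' })"

if (-not (Test-MsdtHandler)) {
    Write-Host 'ms-msdt: handler is not registered; the workaround is already in place.'
    return
}

Write-Warning 'ms-msdt: protocol handler is registered; this host is still exposed to Follina.'

if ($Remediate) {
    # Microsoft's interim workaround: export the key as a backup, then delete it.
    # reg.exe is used so the backup is a standard .reg file that can be re-imported later.
    & reg.exe export 'HKEY_CLASSES_ROOT\ms-msdt' $BackupPath /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "Backup to $BackupPath failed; the handler was not deleted." }
    & reg.exe delete 'HKEY_CLASSES_ROOT\ms-msdt' /f | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Deleting the ms-msdt handler failed.' }
    Write-Host "Handler removed. Restore it later with: reg import `"$BackupPath`""
}
```

Run `.\Check-Follina.ps1` to audit a host and `.\Check-Follina.ps1 -Remediate` to apply the workaround; the script refuses to delete the key if the backup fails, so the registration can always be restored with `reg import` once an official patch has been installed.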

In addition, the Information Security Department requested that agencies, organizations and enterprises strengthen monitoring and prepare response plans for when signs of exploitation or cyber attack are detected, and regularly follow the warning channels of the authorities and of large information security organizations so that cyber attack risks are detected promptly.