A new vulnerability in the Microsoft Support Diagnostic Tool (MSDT) in Windows has been identified. Known as CVE-2022-30190, or the Follina bug, it allows attackers to bypass the security measures in place to protect users from phishing emails.
Phishing emails are designed to trick the user into opening a malicious attachment or clicking on a malicious link. Office documents received by email normally open in Protected View, which blocks active content such as macros. The Follina bug does not rely on macros: a crafted Word document references an external web page, and that page invokes the ms-msdt: URL handler, which launches MSDT with attacker-supplied parameters. With the RTF variant this can happen when the file is merely shown in the Windows Explorer preview pane, so Protected View never comes into play, and the first samples seen in circulation were missed by many anti-malware engines. Users are therefore exposed to potential harm.
When a user opens such a document (or, in the RTF case, simply previews it), the attacker's commands run with the privileges of the logged-in user, which may allow a cybercriminal to take control of the computer.
Microsoft has supplied a workaround that successfully mitigates this threat: removing the ms-msdt URL protocol handler from the Windows registry, so that documents can no longer launch the Microsoft Support Diagnostic Tool through these links. Microsoft's guidance is to back up the registry key before deleting it so that it can be restored once a patch is installed; while the workaround is in place, troubleshooters cannot be launched as links, but they remain available through the Get Help application and system settings.
At the time of writing no patch is available, so we strongly recommend that the workaround is applied to all affected computers as soon as possible.
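The following PowerShell script is an added example of how an administrator can apply Microsoft's documented workaround (back up the ms-msdt key, delete it, and verify) and later undo it with -Restore. It is not Microsoft's script or part of the original advisory; the backup path $BackupFile is a hypothetical default and the script assumes it is run from an elevated PowerShell session.

```powershell
# Added example (not Microsoft's or the original advisory's code): apply and
# verify the CVE-2022-30190 (Follina) workaround by backing up and removing
# the ms-msdt URL protocol handler, or restore it with -Restore after patching.
# Assumptions: elevated PowerShell session; $BackupFile is a hypothetical path.
param(
    [string]$BackupFile = "$env:SystemDrive\ms-msdt-backup.reg",
    [switch]$Restore
)

$KeyPath = 'Registry::HKEY_CLASSES_ROOT\ms-msdt'

# Refuse to run unless elevated: writing under HKCR needs administrator rights.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (Administrator) PowerShell session.'
}

if ($Restore) {
    # Undo the workaround once the patch is installed by re-importing the backup.
    if (-not (Test-Path $BackupFile)) { throw "Backup file $BackupFile not found." }
    reg.exe import $BackupFile
    if ($LASTEXITCODE -ne 0) { throw 'reg.exe import failed; handler not restored.' }
    Write-Output 'ms-msdt handler restored from backup.'
    return
}

if (-not (Test-Path $KeyPath)) {
    Write-Output 'ms-msdt handler not present: workaround already applied (or MSDT not installed).'
    return
}

# Show what the handler currently launches, for the change record.
$command = (Get-ItemProperty -Path "$KeyPath\shell\open\command" -ErrorAction SilentlyContinue).'(default)'
Write-Output "Current ms-msdt handler: $command"

# Step 1: back up the key, as Microsoft's guidance recommends (/y overwrites an old backup).
reg.exe export 'HKEY_CLASSES_ROOT\ms-msdt' $BackupFile /y
if ($LASTEXITCODE -ne 0) { throw 'Backup failed; the key has NOT been deleted.' }

# Step 2: delete the key so ms-msdt: links can no longer launch MSDT.
Remove-Item -Path $KeyPath -Recurse -Force

# Step 3: verify the handler is really gone before reporting success.
if (Test-Path $KeyPath) {
    throw 'ms-msdt key still present; workaround NOT applied.'
}
Write-Output "Workaround applied. Backup saved to $BackupFile (run with -Restore to undo after patching)."
```

Run the script once per machine from an elevated prompt (for example through an RMM tool), keep the .reg backup somewhere it will survive until the patch is deployed, and then run it again with -Restore so that link-launched troubleshooters work again.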
We are actively working with our clients to minimise the impact of this threat. As part of this, we have already applied the workaround to our managed services clients' devices through our remote monitoring and management (RMM) service.
If you are not a managed services (subscription) client, we are happy to assist and support your organisation and to take action on your devices to protect against this bug.
Please contact us if you require any assistance.