Windows: the June update plugs the Follina flaw exploited by hackers

Microsoft has released its June Patch Tuesday for Windows 7, 8, 10 and 11, and this update closes the Follina flaw. This is a 0-day vulnerability, exploited by hackers.

Details about Follina came to light last month, when it was learned that the mishandling of URL protocols in the Microsoft Support Diagnostic Tool (MSDT) allowed an application like Microsoft Word to invoke it to trigger a remote code execution, potentially with administrator privileges.

Since this issue affects virtually all versions of Windows, Microsoft has assigned a severity level of “High” and has recommended some mitigations. With the June update, we are entitled to a permanent fix for this issue. Here’s what Microsoft noted :

The update for this vulnerability can be found in the June 2022 Windows Cumulative Updates. Microsoft strongly recommends that customers install updates to be fully protected against this vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.

Unfortunately, DogWalk, another 0-day exploit, is still active. Unveiled last week, it can be used to set up malware that launches automatically at each login. The downloaded diagcab file has a Mark-of-the-Web (MOTW) tag but Microsoft Support (MSDT) ignores the warning and runs it anyway, making users vulnerable to this potential exploit.

There is already an unofficial patch, but Microsoft does not offer its own yet. In reality, the group believes that this flaw is not that important.