Follina: How to protect your PC from the newest Windows Exploit

preview_player
Показать описание
The new Follina zero-day attack is being exploited in the wild. Dave explains how to lock out attackers with a simple registry fix after explaining the Top 3 styles of zero-day attack: the application exploit, the operating system exploit, and the escalation exploit.

Since the comments are filling up with the "Linux fixes everything" stuff I suggest that you google "linux equifax zeroday" before posting that Linux solves everything :-)

0:00 Intro
0:51 Defining zero-day exploit
2:09 What's good is a zero-day exploit for an attacker?
5:04 Follina exploit
7:01 Implementing a manual workaround against Follina
8:26 Outro and info about different background visuals for this video

For information on my book, "Secrets of the Autistic Millionaire":

My other channel, join now so you're there for episode 01 of my AudioBook!

Primary Equipment (Amazon Affiliate Links):

As always, all content and opinions are mine only, (c) 2022 Plummer's Software LLC. I am not now nor have I ever been a spokesperson for Microsoft, and retired from my technical role almost 20 years ago.
  1. Dave's Garage
  2. zero day exploit
  3. zero-day attack
  4. zero day exploit explained
  5. zero-day exploits
  6. follina
Рекомендации по теме
How to protect 0:02:40

How to protect your PC from zero day vulnerability (FOLLINA) | The workaround | Night Shine Phoenix

Follina: How to 0:10:19

Follina: How to protect your PC from the newest Windows Exploit

Protecting against 'Follina' 0:04:15

Protecting against 'Follina' zero-day vulnerability

let’s play with 0:21:21

let’s play with a ZERO-DAY vulnerability “follina”

What You Need 0:07:44

What You Need To Know About Microsoft Office Follina Exploit

Follina – The 0:01:59

Follina – The Macro-Less Document Attack | Cyber Protection Operation Center News

Microsoft ZERO-DAY vulnerability 0:08:30

Microsoft ZERO-DAY vulnerability “follina” msdt | CVE-2022-30190 | Explained Exploitation & Work...

Follina- MSDT Exploit- 0:17:50

Follina- MSDT Exploit- CVE2022-30190 Explained with Detection and Mitigation

SANS Emergency Webcast: 0:46:34

SANS Emergency Webcast: Follina MSDT (MS Word) 0-day - Analysis and Remediation w/ Jake Williams

Mastering Follina (CVE-2022-30190): 0:03:43

Mastering Follina (CVE-2022-30190): Exploitation, Detection and Mitigation - Course Overview

ThreatLocker - Follina 0:04:22

ThreatLocker - Follina MSDT Attack: What We Know So Far

Hackers are exploiting 0:11:32

Hackers are exploiting the Follina 0-day like crazy - What can you do?

SA - SOC173-123 0:25:32

SA - SOC173-123 - Follina 0-Day Detected

Windows Zero-day Hack 0:05:55

Windows Zero-day Hack Fix - Automate Follina Vulnerability Workaround using PowerShell

Virsec Protects: Follina 0:04:24

Virsec Protects: Follina Exploit

Microsoft “Word” CVE 0:03:30

Microsoft “Word” CVE 2022-30190 AKA Follina Demo

Windows Zero Day: 0:07:52

Windows Zero Day: MSDT Follina Exploit Demonstration

FOLLINA... expliqué en 0:09:20

FOLLINA... expliqué en 5 minutes

Exploiting a 0-Day 0:11:26

Exploiting a 0-Day MSDT Follina

Follina - Mitigate 0:01:24

Follina - Mitigate Microsoft Office zero-day MSDT - CVE-2022-30190

Microsoft Office Zero-Day 0:03:02

Microsoft Office Zero-Day Vulnerability | Follina | CVE-2022-30910 | Support Diagnostic Tool Exploit

Follina (CVE-2022-301900) 0:01:28

Follina (CVE-2022-301900)

Follina -- Exploiting 0:03:07

Follina -- Exploiting MS-MSDT 0-Day CVE-2022-30190

Disable MSDT URL 0:04:50

Disable MSDT URL (CVE-2022-30190, Follina) with Quest KACE SMA & PowerShell

Комментарии
Автор

Missing chapter marks:
0:00 Intro
0:51 Defining zero-day exploit
2:09 What's good is a zero-day exploit for an attacker?
5:04 Follina exploit
7:01 Implementing a manual workaround against Follina
8:26 Outro and info about different background visuals for this video

MikkoRantalainen
Автор

I appreciate you sharing your knowledge. I feel like I've got someone on the inside when I watch your videos.

kylewollman
Автор

The Stuxnet story is truly amazing. I´m reading the book "Countdown to Zero Day" from Kim Zetter and the details of how it happened are mind blowing. This is the work of a REALLY good dev.

fofaocanudo
Автор

I'm glad you're here for us Dave. Thank you so much for the info and everything you do.

martymcpeak
Автор

Thanks for this. The background info is really interesting, but a walkthrough of the exact issue and how to avoid it is so much better than a Microsoft notice!

chrisdulledge
Автор

Hey Dave, as a non-native speaker I like to turn English subtitles on, so I can more easily understand what you are saying. Or even to watch your videos in a noisy room. However, there are two issues:
1) Sometimes you put text at the place where the subtitles go, making it unreadable.
2) The automatically generated subtitles struggle a lot with technical terms, and totally butcher what you are saying.
The first issue is not so bad, I can toggle the subtitles on and off to see what it says. For the second one: Would it be possible for you to add subtitles yourself? I can completely understand if that takes too much time, just a suggestion! Love your videos!

rickbude
Автор

Thanks for this, your instructions easier than many of the others I've seen today.

randallgreen
Автор

The impact of such as Asperger and associated issues are huge. Both of my children are affected, I attended an interview/consultation with the eldest, (in her early thirties) and thought the consultant was talking about me. They were not, but if the cap wears it, perhaps after all it is yours. I feel guilt for the 'gift' I have given them. Somehow I muddled through over three quarters of a century and a bit more. Now I fight to keep the moving forward, making the best life they can have. Thank you for your work and for spreading the warnings as you have done in this video. I have already installed the work around.

richardjones
Автор

The line between Zero day vulnerabilities and back doors is blurry. One might claim the msdt handling is itself a backdoor. Who implemented that feature and what were their intentions?

karapuzo
Автор

I find it just a bit ironic, that YOU of all people, would feel you need a PRO to come fix your Great stuff, been subbed a while, and watch daily for your input.... Thanks for taking the time with us..

lpconserv
Автор

Thank you, Dave. I sincerely appreciate your information filled videos, as well as your unique knowledge and point of view. Thank you for the videos.

Xeanthorn
Автор

Can't wait to see the NSA Key episode. This channel is amazing, a lot of it feels like a time machine into the past, and the rest seem to be just great info. Thank you for doing this!

kelvington
Автор

Correct me if I'm wrong, but the far quicker approach for issues like this (where the key name matters): Since there aren't any additional keys or entries, just rename the sub key "shell" by adding "-disabled" or similar (i.e. "shell-disabled"). This leaves the protocol itself as well as potential access rights for the registry key intact (even though this doesn't apply in this instance). At the same time it still prevents the protocol (and therefore the attack) from working. To undo it once it's been patched, just rename the key again.

Smaxx
Автор

I'm a new viewer to the channel and I'm loving the videos! Thank you.

danielp
Автор

Boy I love that reference to the friendly giant at the end, I always stay for it. 🥰

scbtripwire
Автор

This was immensely helpful, thank you Dave!!!

NipkowDisk
Автор

For anyone looking to get right to the protection instructions: 7:16

WACOMalt
Автор

Thanks for posting this, I didn't come across this yet on my usual news sources.

meatpockets
Автор

Thank you Dave! Seen one other YouTuber that used CMD to do this, but your way was way more simpler! Granted I'm not the type that ever goes near the registry, for any reason. However, with Dave leading the way, I dove in head first! :-)

gallorumrex
Автор

I like your new camera setup! Nice use of depth of field

Pindrop