Threat Advisory

Microsoft released patch of zero-day vulnerability

July 16, 2022 | By Accorian

Microsoft officially patches the zero-day vulnerability known as Follina in the latest Patch Tuesday updates. Along with this, Microsoft also patched 55 other vulnerabilities including 3 critical patches and others marked as Important. The 3 critical vulnerabilities can allow remote code execution attacks. Other vulnerabilities which were patched are Elevation of Privilege, Information Disclosure, Denial of Service, and spoofing issues. You can find the full list of the patches over here.

Microsoft disclosed the Follina vulnerability (CVE-2022-30190) on May 30 as being actively exploited. The vulnerability could potentially execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) by opening a word document. The exploit worked without requiring elevated privileges and even bypasses the need to enable macros. Additionally, this vulnerability bypassed all security protections, including Microsoft Office’s Protected View. Besides this, the security updates also resolved other remote code execution flaws like CVE-2022-30136, CVE-2022-30163, and CVE-2022-30147, which was a privilege escalation vulnerability. 

Microsoft officially stated that it is ending the support for Internet Explorer 11 starting June 15, 2022, on Windows 10 Semi-Annual Channels and Windows 10 IoT Semi-Annual Channels.

 Accorian suggests all system administrators push these necessary patches as soon as possible to eliminate any potential exploitation. 

Recent Post

    Ready to Start?

      Ready to Start?

        Download Case study

          Download Guide

          Human Resources Director

          Posted On: 09 May, 2022

          Drop your CVs to

            Interested Position

            First Name

            Last Name


            Total Experience

            Mobile Number

            Upload Resume