About: Follina (security vulnerability)

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: Follina (security vulnerability) Goto Sponge NotDistinct Permalink

An Entity of Type : owl:Thing, within Data Space : dbpedia.demo.openlinksw.com associated with source document(s)
QRcode icon

http://dbpedia.demo.openlinksw.com/describe/?url=http%3A%2F%2Fdbpedia.org%2Fresource%2FFollina_%28security_vulnerability%29

Follina is the name given to a remote code execution (RCE) vulnerability, a type of arbitrary code execution (ACE) exploit, in the Microsoft Support Diagnostic Tool (MSDT) which was first widely publicized on May 27, 2022, by a security research group called Nao Sec. This exploit allows a remote attacker to use a Microsoft Office document template to execute code via MSDT. This works by exploiting the ability of Microsoft Office document templates to download additional content from a remote server. If the size of the downloaded content is large enough it causes a buffer overflow allowing a payload of Powershell code to be executed without explicit notification to the user. On May 30 Microsoft issued CVE-2022-30190 with guidance that users should disable MSDT. Malicious actors have been ob

Attributes	Values
rdfs:label	Follina (security vulnerability) (en)
rdfs:comment	Follina is the name given to a remote code execution (RCE) vulnerability, a type of arbitrary code execution (ACE) exploit, in the Microsoft Support Diagnostic Tool (MSDT) which was first widely publicized on May 27, 2022, by a security research group called Nao Sec. This exploit allows a remote attacker to use a Microsoft Office document template to execute code via MSDT. This works by exploiting the ability of Microsoft Office document templates to download additional content from a remote server. If the size of the downloaded content is large enough it causes a buffer overflow allowing a payload of Powershell code to be executed without explicit notification to the user. On May 30 Microsoft issued CVE-2022-30190 with guidance that users should disable MSDT. Malicious actors have been ob (en)
name	Follina (en)
dcterms:subject	2022 in computing Injection exploits Software bugs Computer security
Wikipage page ID	70931879 (xsd:integer)
Wikipage revision ID	1097512267 (xsd:integer)
Link from a Wikipage to another Wikipage	2022 in computing Arbitrary code execution Injection exploits Software bugs Common Vulnerabilities and Exposures Microsoft Support Diagnostic Tool Computer security Buffer overflow Microsoft Office Software bug Exploit (computer security) Powershell
sameAs	Follina (security vulnerability) Follina (security vulnerability)
dbp:wikiPageUsesTemplate	dbt:Infobox_bug dbt:CVE dbt:Reflist dbt:Short_description dbt:Start_date_and_age dbt:Computer-security-stub
discovered	2022-05-27 (xsd:date)
has abstract	Follina is the name given to a remote code execution (RCE) vulnerability, a type of arbitrary code execution (ACE) exploit, in the Microsoft Support Diagnostic Tool (MSDT) which was first widely publicized on May 27, 2022, by a security research group called Nao Sec. This exploit allows a remote attacker to use a Microsoft Office document template to execute code via MSDT. This works by exploiting the ability of Microsoft Office document templates to download additional content from a remote server. If the size of the downloaded content is large enough it causes a buffer overflow allowing a payload of Powershell code to be executed without explicit notification to the user. On May 30 Microsoft issued CVE-2022-30190 with guidance that users should disable MSDT. Malicious actors have been observed exploiting the bug to attack computers in Russia and Belarus since April, and it is believed Chinese state actors had been exploiting it to attack the Tibetan government in exile based in India. Microsoft patched this vulnerability in its June 2022 patches. (en)
affected software	Microsoft Security Diagnostic Tool (en)
patched	2022-06-14 (xsd:date)
prov:wasDerivedFrom	wikipedia-en:Follina_(security_vulnerability)?oldid=1097512267&ns=0
page length (characters) of wiki page	3144 (xsd:nonNegativeInteger)
foaf:isPrimaryTopicOf	wikipedia-en:Follina_(security_vulnerability)
is Link from a Wikipage to another Wikipage of	Arbitrary code execution Microsoft Support Diagnostic Tool
is foaf:primaryTopic of	wikipedia-en:Follina_(security_vulnerability)

Faceted Search & Find service v1.17_git139 as of Feb 29 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 08.03.3330 as of Mar 19 2024, on Linux (x86_64-generic-linux-glibc212), Single-Server Edition (378 GB total memory, 67 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software