Follina: MSDT RCE via malicious Office documents requiring no macros. Disable the MSDT URL protocol as an immediate workaround. Actively exploited by APT groups. Apply June 2022 patches when available.
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. Microsoft Support Diagnostic Tool Follina vulnerability.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →