Create your own native application from your website in minutes with AppMySite (no coding required): https://www.appmysite.com/?utm_source...

This is the recently discovered Follina exploit which is assigned as CVE-2022-30190. It allows the hacker to get a Remote Code Execution (RCE) on your computer. In-order to trigger this exploit, the user need not even open the maldoc, he/she just needs to preview it!
The vulnerability lies in the MS-MSDT URL protocol - Windows blindly executes code when this protocol is used along with some parameters and a powershell expression.

DISCLAIMER
This video is made only for educational purposes and to bring awareness in viewers about this zero day exploit, and it contains instructions on how to protect yourself from it. So take it the right away, do not use it on anyone without their consent. This is a serious thing.

Check out John Hammond's video for a more in-depth explanation about this exploit:    • Exploiting MSDT 0-Day CVE-2022-30190  

A workaround for this vulnerability is to disable MSDT URL protocol on your computer. In-order to do that:
1. Open cmd as administrator
2. Backup your registry key with the command: reg export HKEY_CLASSES_ROOT\ms-msdt filename
3. Disable MSDT: reg delete HKEY_CLASSES_ROOT\ms-msdt /f

This should make you invulnerable to this exploit until the patch releases.

Stay safe guys!
Thanks for watching!
SUBSCRIBE for more videos!

Join my Discord:   / discord  
Follow me on Instagram:   / teja.techraj  
Website: https://techraj156.com​​​​​
Blog: https://blog.techraj156.com

#zeroday