POC详情: 012e1e96a250d32c048ca8e9f2986687474ac5f7

来源
https://github.com/derco0n/mitigate-folina
关联漏洞
标题: Microsoft Windows Support Diagnostic Tool 操作系统命令注入漏洞 (CVE-2022-30190)
描述:Microsoft Windows Support Diagnostic Tool是美国微软(Microsoft)公司的收集信息以发送给 Microsoft 支持的工具。 Microsoft Windows Support Diagnostic Tool (MSDT)存在操作系统命令注入漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows
描述
Mitigates the "Folina"-ZeroDay (CVE-2022-30190)
介绍
# mitigate-folina
Mitigates the "Folina"-ZeroDay (CVE-2022-30190) and "Search"-Nightmare (no CVE given at the moment)

This script will backup and then remove the affected registry key (as suggested by Microsoft) to mitigate CVE-2022-30190).
If parameterized with "-revert" the script will reimport the key.
This can be used when Microsoft releases a patch.

Script must be run as administrator or NT-AUTHORITY\SYSTEM (can be deployed via GPP as a startscript or scheduled task)

- https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
- https://www.heise.de/news/Zero-Day-Luecke-Erste-Cybergangs-greifen-MSDT-Sicherheitsluecke-an-7128265.html
- https://www.heise.de/news/Zero-Day-Luecke-in-MS-Office-Microsoft-gibt-Empfehlungen-7126993.html
- https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/
文件快照

 [4.0K]  /data/pocs/012e1e96a250d32c048ca8e9f2986687474ac5f7
├── [ 34K]  LICENSE
├── [6.4K]  mitigate-folina.ps1
├── [6.4K]  mitigate-searchms.ps1
└── [ 925]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。