Detecting CVE-2022–30190 “Follina”
CyberSift has just pushed an update to it’s Windows Context Workers in order to detect attempts to exploit the CVE-2022–30190 “Follina” vulnerability. Follina abuses the the Microsoft Support Diagnostic Tool (MSDT) to allow an attacker remote code execution when a…