Microsoft Office RCE - “Follina” MSDT Attack - CVE-2022-30190

Huntress Blog Post:
Rapid Response: Microsoft Office RCE - “Follina” MSDT Attack
This post, as is the norm for emerging threats, is a developing article and may be subject to change as the Huntress team learns more about this attack vector and new information is available.

Jump Links

CVE-2022-30190

Understanding the Exploit

Detection Efforts

Mitigation Efforts

The Non-Technical Version of What's Happening

Further Reading