At a time when cyber threats are increasingly sophisticated, understanding and i...
See how Gytpol detects and remediates Follina with zero impact
Once again, Gytpol is the only solution in the market to provide a full remediation to this unresolved zero day.
Earlier this week, a new zero day arrived, it is called Follina (MS Office CVE-2022-30190) and impacts any organization using Microsoft Office.
Microsoft recommended removing a registry key.
After researching the Microsoft recommendation – Gytpol discovered that this is not sufficient and an attacker can still access computers in the network!
Therefore, we’ve added a couple of other registry settings, and these are the changes we’ve made in our remediation:
1. Remove “HKEY_CLASSES_ROOT\ms-msdt” key (MS recommendation against outsider threat)
2. Disable: “HKLM:\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics\EnableDiagnostics” (diagnostic tool vs. insider threat)
3. Disable: “HKLM:\SOFTWARE\Policies\Microsoft\Windows\WDI\{C295FBBA-FD47-46ac-8BEE-B1715EC634E5}\DownloadToolsEnabled” (troubleshooting tool vs. insider threat)
Gytpol’s Security Configuration Management solution is now supporting both detection and automatic remediation of the Follina vulnerability.
Our remediation capability is a single button press from a single centralized platform. Enabling you to rapidly reduce your attack surface and saving you time. The full continuous visibility which Gytpol provides allows you to know for sure that you are protected from Follina and hundreds of other misconfigurations exploited by hackers.
About Author
Simone Lavi
Subscribe to
our Newsletter
We are ready to help you until and unless you find the right ladder to success.
Related Posts
Join over 25,000 in beating the failure of strategies by following our blog.
In the fast-paced world of technology, where innovation is a constant, it’s cruc...
4 minute read
Introduction:
Comments