60
Downloads
1
Endorsements
1
Components
Sorry you need to login to submit improvement.

This product pack will mitigate the Follina vulnerability in milliseconds with 1E Tachyon.
Zero-day exploits that can run without requiring elevated privileges which do not have available patches out quickly, and which allow the bad actor to install software and make other arbitrary changes to devices, are about as bad as they come.

Scenario

“Follina,”as reported in Techcrunch and elsewhere ticks all the wrong boxes and impacts 41 Microsoft products including Windows 11 and Office 365. Huntress research even identified a way to have this execute without the user even having to CLICK anything (hovering over the icon can trigger the exploit!).

The good news is that although there is no official patch – Microsoft have issued an advisory which includes information on a registry key you can delete, to mitigate the risk.

The better news is that, if you are a 1E Tachyon customer, you can implement that advice with ease, on any/all of your devices, immediately.

1E Tachyon instruction for Follina
Backup and delete MSDT registry hive HKEY_CLASSES_ROOT\ms-msdt

That’s it. Problem solved. Risk averted.

The instruction follows the exact Microsoft advice, running a command to back up the reg keys first – so they can be imported later. Another option allows you to restore the same keys if desired.

This was written in minutes with TIMS (Tachyon Instruction Management Studio), using the Tachyon Method NativeServices.RunCommand() and the in-built Registry functions.

This Follina attack is an example of one of many “Living off the land” type exploits which uses PowerShell or other “on-box” tools to perform nefarious tasks for the attacker.

Even without this specific instruction, you could use the existing instructions to delete a named Registry Key if immediate response is required.

With 1E Tachyon you can apply the fix to all endpoints in milliseconds and then move on with your day.

Components

Known Issues / Additional Notes

Info

Status
Verified
Author
1E Product Pack Team
Category
Security
Tags
attack cyber patch scan Security vulnerability
Added
4 months ago
Last Updated
6 hours ago
Downloads
60
Compatibility
Platform - v5.1, v8.1, v8.0, v5.2
Os Supported - Microsoft Windows 11, 10, 8.1, 7, Windows Server 2019, 2016

This website is designed for desktop. If using a mobile browser please change to desktop view.