CVE-2022-30190(Follina)

-

 

CVE-2022-30190(Follina)

Introduction

If you're into cybersecurity and don't know what CVE-2022-30190 is, then go ahead and look it up. It's a huge vulnerability to have, and it can hurt businesses hard: the cost of cleaning up after this vuln is astronomical. If you already know about it, then congrats! You've probably already patched your systems against the vulnerability. If not, well... you should probably do that now.

CVE-2022-30190

The CVE-2022-30190 zero-day vulnerability has been found in Microsoft Desktop Engine (MSDE) database engine. It is a database engine that is used in Microsoft SQL Server. It can be used to run Microsoft Access on remote systems such as Windows 7 or 8. MSDE was developed to help organizations manage their data with Microsoft Access, but it is no longer supported by the company since 2005 and there are no security updates available for it as well.

If you're running an older version of Office with a vulnerable version of MSDE installed on your machine, hackers could exploit this issue to gain remote access and gain full control over your computer or network. The attacker could then execute any code they want or steal confidential information from the system they have accessed.

Follina

  • Follina is a zero-day vulnerability

  • Follina is a hacking tool

  • Follina is a cyber security threat

Microsoft Desktop Engine (MSDE)

Microsoft Desktop Engine (MSDE) is a database engine. It is a SQL Server database engine that can be used by Microsoft SharePoint, or the Microsoft Exchange Server 2003 family of products.

This is a flaw in the Follina application that can be used to execute arbitrary code.

This vulnerability was discovered by an independent researcher, who reported it to Follina.

A variant of this issue was publicly disclosed without coordination with the vendor or an embargo on July 5th, 2019.

The following are affected: Follina 3.2 (build number 20) and earlier versions; Follina 4.0 (build numbers 30 and 31); one version of Follina for Android (4.0).

MSDE is a zero-day vulnerability

MSDE is a database server. It's used by SQL Server 2000, SQL Server 7, and SQL Server 6.5 applications. The vulnerability allows remote code execution attacks on systems running vulnerable versions of MSDE.

Conclusion

CVE-2022-30190 is a zero-day vulnerability in the Microsoft Desktop Engine (MSDE) that allows an attacker to execute arbitrary code on a Windows computer by simply sending an email to its inbox. The CVE number is unique and assigned by MITRE Corporation, an American not-for-profit organization based out of Bedford Massachusetts whose primary mission is to provide a common language for describing security vulnerabilities.

Popular posts from this blog

All You Need to Know about Need For Speed: Unbound

-
Image
  Need For Speed Unbound Need for Speed: Unbound is a racing video game developed by Electronic Arts Canada and published by Electronic Arts. It is the first installment in the Need for Speed series not to be developed by Black Box Studios. The game was released for Microsoft Windows on March 15, 2011. The game's story follows Jack Rourke, a street racer who is framed by a rival racer, Ray Krieger, and is sent to prison. After being released, Jack seeks revenge on Krieger. To do so, he must enter and win an illegal street racing tournament held by Krieger. Need for Speed: Unbound features a large open-world environment, which is set in the fictional metropolis of Fortune Valley. The player can explore the world freely and can participate in various races and challenges. The game also features a new gameplay mode called "Fiend", which is a time-based race mode where the player must complete various objectives within a time limit. The game received mixed reviews from cr...
Read more

Fall of Bitcoin and GPU prices

-
Bitcoin Crash and GPU Prices Introduction The Bitcoin crash of June,2022has sent shockwaves through the cryptocurrency market, and with it, GPU prices are starting to fall. While we don't necessarily recommend buying up graphics cards for mining purposes, this is good news for gamers who are tired of paying inflated prices for graphics cards. If you've been holding off on upgrading your graphics card for any reason, now might be the best time to do so in two years. Bitcoin's price is crashing and the entire cryptocurrency market is taking a beating. You may have heard that Bitcoin's price is crashing and the entire cryptocurrency market is taking a beating. You may be wondering why this was a thing in the first place and what it means for your GPU mining rig. If you're here because you're wondering about how to get back into mining after last year's boom, read on—we've got some tips for both beginner and professional miners alike! GPU prices are dropping...
Read more