SANS Emergency Webcast: Follina MSDT (MS Word) 0-day - Analysis and Remediation w/ Jake Williams

Channel:
United States SANS Institute
Subscribers:
64,000
Published on ● Video Link: https://www.youtube.com/watch?v=vHW_hb2m_pw


Category:
Guide
Duration: 46:34
12,845 views
158

A fascinating Word document was uploaded to a file scanning service last week. Researchers found it over the weekend, and it's clear there's a Zero-day allowing code execution in malicious Office documents. Upon identification, the SANS team went to work investigating the vulnerability and potential remediation of CVE-2022-30190. Join SANS and Jake Williams to learn what we uncovered on how the Follina vulnerability works, how to detect exploitation, and how to remediate.

PPTX Slides on What To Tell Your Boss
In case you are asked to brief management: We do have some PowerPoint slides to get you started. Find them and more information on the vulnerability here: https://isc.sans.edu/forums/diary/New+Microsoft+Office+Attack+Vector+via+msmsdt+Protocol+Scheme/28694/


SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.



Other Videos By SANS Institute


2022-06-08Live with Jake Williams | RSA Conference 2022
2022-06-08Live with Russell Eubanks | RSA Conference 2022
2022-06-08Live with Carl Marrelli | RSA Conference 2022
2022-06-07Live with Carlos Carillo and Jeff McJunkin | RSA Conference 2022
2022-06-07Live with Dr Johannes Ullrich | RSA Conference 2022
2022-06-07Live with Jamie Williams | RSA Conference 2022
2022-06-07Live with Rob T Lee | RSA Conference 2022
2022-06-03ICS Fireside Chat- We DON’T Talk about CERT / PSIRT Process
2022-06-03ICS Fireside Chat- Vulnerability Research Team Lean, Claroty
2022-06-03ICS Fireside Chat- Principal Industrial Hunter, Dragos
2022-05-31SANS Emergency Webcast: Follina MSDT (MS Word) 0-day - Analysis and Remediation w/ Jake Williams
2022-05-31SANS Emergency Webcast MSDT (MS Word) Zero-day - analysis and remediation
2022-05-25Cyber Executive Communications Master Class
2022-05-18SANS Threat Analysis Rundown | Katie Nickels
2022-05-09New Shell in Town: Adventures in using PowerShell on Linux
2022-05-08Don't Get Popped: Vulnerability Management Do's and Don'ts
2022-05-07Risky Business: Careers in GRC
2022-05-06Analysis 101 for the Incident Responder
2022-05-05Taking the Plunge: Advice from People Who Literally Wrote the Book on Cybersecurity Careers Panel
2022-05-04Criminal Justice & National Cyber Security
2022-05-04You've Got This: Success Stories Panel


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training
Follina
Microsoft Vulnerability
ZeroDay
MSDT
CVE-2022-30190