Follina: Unsolved Zero Day Vulnerability
Last Updated : 01 Mar, 2023
Pre-requisites: Zero Day Exploit
The Follina vulnerability is an elevation of privilege (EoP) vulnerability in the Windows operating system. The vulnerability is caused by a race condition in the Windows kernel and allows an attacker to gain local privilege escalation (LPE) on the system. This exploit can be used to gain access to the system, bypass authentication, and execute malicious code.
The vulnerability affects Windows 7 and Windows Server 2008 R2 and later versions. Microsoft has released a patch to address this vulnerability. It is important to note that this vulnerability can be used in conjunction with other vulnerabilities to gain access to the underlying system.
To exploit the vulnerability, an attacker needs to have access to the system and be able to run code on the system. The attacker needs to be able to create a race condition in the Windows kernel. This race condition can be used to bypass the security mechanisms in place and gain access to the underlying system.
Once access is gained, the attacker can then execute malicious code on the underlying system and gain complete control of the system. The attacker can then steal data, modify the system, or cause other malicious activities.
The Follina vulnerability is a serious threat to the security of Microsoft systems. Microsoft has released a patch for the vulnerability, and it should be installed as soon as possible to prevent exploitation.
This vulnerability can also be used in conjunction with other vulnerabilities to gain access to the underlying system, so be aware of other vulnerabilities and patch them as soon as possible as well.
Be aware of the security measures that are in place on the system. Ensure that they are properly configured and that all patches and updates are installed as soon as possible.
Watch for any malicious or suspicious activity that may be taking place on the system, and take steps to mitigate any potential threats.
Follina Execution:
In a Follina attack, the attacker generates a malicious Word file and shares it with the victim. Follina is a remote code execution vulnerability, which means that if you open that Word file on your system, the attacker is able to control your system from the attacker box.
Example: if I am the attacker and I want to open an Excel file on your system and type some data, I just execute this command while using Follina:
python3 follina.py -c "excel"
Note: this vulnerability is unsolved and very dangerous. Don't misuse it; only perform this on your own PC using VirtualBox.
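A defensive check for the delivery step described above, as an added example that is not part of the original article: it lists the external, non-hyperlink relationships inside a Word file so a suspicious document can be triaged without opening it in Word. It assumes the malicious file reaches its remote content through such an external relationship (the article does not describe the file's internals); `external_references`, `build_sample` and the `example.invalid` samples are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for hostile input at scale, prefer defusedxml

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
OFFICE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
# Hyperlinks are routinely external and are only followed when the user clicks them.
BENIGN_SUFFIXES = ("/hyperlink",)

def external_references(docx_bytes):
    """Return (part, relationship kind, target) for each non-hyperlink external reference."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            try:
                root = ET.fromstring(zf.read(name))
            except ET.ParseError:
                # A relationships part that does not parse is itself worth a look.
                findings.append((name, "unparseable", ""))
                continue
            for rel in root.iter(REL_NS + "Relationship"):
                rel_type = rel.get("Type", "")
                if rel.get("TargetMode") != "External" or rel_type.endswith(BENIGN_SUFFIXES):
                    continue
                findings.append((name, rel_type.rsplit("/", 1)[-1], rel.get("Target", "")))
    return findings

def build_sample(rels_xml):
    """Constructed test document: a zip archive holding only a relationships part."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels_xml)
    return buf.getvalue()

RELS = '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">{}</Relationships>'
# Constructed samples; example.invalid is a placeholder host, not a real indicator.
CLEAN = build_sample(RELS.format(
    f'<Relationship Id="rId1" Type="{OFFICE}/styles" Target="styles.xml"/>'
    f'<Relationship Id="rId2" Type="{OFFICE}/hyperlink" Target="https://example.invalid/" TargetMode="External"/>'))
SUSPECT = build_sample(RELS.format(
    f'<Relationship Id="rId9" Type="{OFFICE}/oleObject" Target="https://example.invalid/page.html" TargetMode="External"/>'))

if __name__ == "__main__":
    for label, doc in (("clean", CLEAN), ("suspect", SUSPECT)):
        print(label, external_references(doc))
```

A finding is a reason to inspect the file in an isolated environment, not proof of malice: legitimate documents can also link to external templates or embedded objects.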
In conclusion, the Follina vulnerability is a serious threat to the security of Microsoft systems. It is important to patch the system as soon as possible and be aware of any malicious activities that may be taking place on the system. It is also important to be aware of other vulnerabilities and patch them as soon as possible to prevent exploitation.