
Follina: Unsolved Zero Day Vulnerability


Pre-requisites: Zero Day Exploit 

The Follina vulnerability is an elevation of privilege (EoP) vulnerability in the Windows operating system. The vulnerability is caused by a race condition in the Windows kernel and allows an attacker to gain local privilege escalation (LPE) on the system. This exploit can be used to gain access to the system, bypass authentication, and execute malicious code.

The vulnerability affects Windows 7 and Windows Server 2008 R2 and later versions. Microsoft has released a patch to address this vulnerability. It is important to note that this vulnerability can be used in conjunction with other vulnerabilities to gain access to the underlying system.

To exploit the vulnerability, an attacker needs to have access to the system and be able to run code on the system. The attacker needs to be able to create a race condition in the Windows kernel. This race condition can be used to bypass the security mechanisms in place and gain access to the underlying system.

Once access is gained, the attacker can then execute malicious code on the underlying system and gain complete control of the system. The attacker can then steal data, modify the system, or cause other malicious activities.

The Follina vulnerability is a serious threat to the security of Microsoft systems. Microsoft has released a patch for the vulnerability, and it is important to install it as soon as possible to prevent exploitation.

It is also important to note that this vulnerability can be used in conjunction with other vulnerabilities to gain access to the underlying system. It is important to be aware of other vulnerabilities and patch them as soon as possible to prevent exploitation.

It is also important to be aware of the security measures that are in place on the system. It is important to ensure that all security measures are properly configured and that all patches and updates are installed as soon as possible.

It is also important to be aware of any malicious or suspicious activities that may be taking place on the system and to take steps to mitigate any potential threats.

Follina Execution:

In Follina, the attacker generates a malicious Word file and shares it with the victim. Follina is a Remote Code Execution vulnerability, which means that if you open that Word file on your system, the attacker is able to control your system from the Attacker Box.

Example: If I'm the attacker and I want to open an Excel file on your system and type some data, I just execute this command while using Follina:

python3 follina.py -c "excel"

Note: this vulnerability is unsolved and very dangerous. Don't misuse it; only perform this on your own PC using VirtualBox.
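A defender-side check for the malicious Word file described under Follina Execution, as an added example that is not from the original article or from any Follina tool. It assumes, beyond what the article states, that the document reaches its payload through an external (remote) relationship inside the .docx package, which is how publicly analysed Follina samples worked; `external_references`, `build_sample` and the example.invalid URLs are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

PKG_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
DOC_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
# External hyperlinks are ordinary clickable links, so they are not reported.
IGNORED_TYPES = ("/hyperlink",)


def external_references(docx_bytes):
    """Return (part, relationship type, target) for each non-hyperlink
    relationship that makes Word fetch content from outside the package."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as pkg:
        for name in pkg.namelist():
            if not name.endswith(".rels"):
                continue
            # For untrusted files, a hardened parser such as defusedxml is safer.
            root = ET.fromstring(pkg.read(name))
            for rel in root.iter(PKG_NS + "Relationship"):
                rel_type = rel.get("Type", "")
                external = rel.get("TargetMode", "").lower() == "external"
                if external and not rel_type.endswith(IGNORED_TYPES):
                    kind = rel_type.rsplit("/", 1)[-1]
                    findings.append((name, kind, rel.get("Target", "")))
    return findings


def build_sample(external):
    """Constructed sample: a minimal package holding one relationships part."""
    target, mode = "embeddings/oleObject1.bin", ""
    if external:
        target, mode = "https://example.invalid/page.html", ' TargetMode="External"'
    rels = (
        f'<Relationships xmlns="{PKG_NS[1:-1]}">'
        f'<Relationship Id="rId1" Type="{DOC_REL}oleObject" Target="{target}"{mode}/>'
        f'<Relationship Id="rId2" Type="{DOC_REL}hyperlink" '
        'Target="https://example.invalid/" TargetMode="External"/>'
        '</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in external_references(build_sample(external=True)):
        print("external reference:", finding)
```

A finding is a reason to quarantine and inspect the attachment, not proof of compromise: legitimate documents can also carry external templates or linked objects.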

In conclusion, the Follina vulnerability is a serious threat to the security of Microsoft systems. It is important to patch the system as soon as possible and be aware of any malicious activities that may be taking place on the system. It is also important to be aware of other vulnerabilities and patch them as soon as possible to prevent exploitation.


Last Updated : 01 Mar, 2023