Skip to content

These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina)

Notifications You must be signed in to change notification settings

SrCroqueta/CVE-2022-30190_Temporary_Fix

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 

Repository files navigation

🩹CVE-2022-30190 Temporary Fix🩹

These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina)

Both can be programmed better, but this is just to implement it as quickly as possible and I did it without much Python knowledge, but the important part is... it works! Hehe

What do these '.exe' files do?:

Step by step ('CVE-2022-30190_temp-fix.exe'):

  1. Backs up the registry key 'HKEY_CLASSES_ROOT\ms-msdt'.
  2. Deletes the registry key 'HKEY_CLASSES_ROOT\ms-msdt'.
  3. Creates a new registry key 'DWORD' with a value of '0' to enable a 'Local Group Policy' at the path 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics' called 'EnableDiagnostics' (This registry key sets the policy called 'Troubleshooting: Allow users to access and run troubleshooting wizards.' as 'Disabled', located at 'Computer Configuration/Policies/Administrative Templates/System/Troubleshooting and Diagnostics/Scripted Diagnostics').

Step by step ('revert_changes.exe'):

  1. Restores the registry key 'HKEY_CLASSES_ROOT\ms-msdt'.
  2. Deletes '.reg' file used to restore it.
  3. Deletes the registry key which was created before to enable a 'Local Group Policy'.

How to use them:

  • Run 'CVE-2022-30190_temp-fix.exe' as administrator, that's all.

  • Do not delete the '.reg' file generated because you will need it in the future when Microsoft fixes this vulnerability.

  • If you want to undo all changes made, you just have to run 'revert_changes.exe' as administrator.

My antivirus detected it as a threat?:

In most cases it will detected by the AV as a threat, so you can add an exception or just disable it for a moment, this is because none of the '.exe' files are signed.

This vulnerability has been fixed by Microsoft:

Here are the links to the updates:

About

These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published