These are the source codes of the Python scripts to apply the temporary protection against the CVE-2022-30190 vulnerability (Follina)# **_🩹CVE-2022-30190 Temporary Fix🩹 (Source Code)_**
These are the source codes of two Python scripts compiled to easily and quickly apply temporary protection against the **_CVE-2022-30190 vulnerability (Follina)_**
Both can be programmed better, but this is just to implement it as quickly as possible and I did it without much Python knowledge, but the important part is... **_it works!_** Hehe
## _What do these '.exe' files do?:_
> Step by step (**_'CVE-2022-30190_temp-fix.py'_** [CVE-2022-30190_temp-fix.exe]):
1. Backs up the registry key **_'HKEY_CLASSES_ROOT\ms-msdt'_**.
2. Deletes the registry key **_'HKEY_CLASSES_ROOT\ms-msdt'_**.
3. Creates a new registry key **_'DWORD'_** with a value of **_'0'_** to enable a **_'Local Group Policy'_** at the path **_'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics'_** called **_'EnableDiagnostics'_** (This registry key sets the policy called **_'Troubleshooting: Allow users to access and run troubleshooting wizards.'_** as **_'Disabled'_**, located at **_'Computer Configuration/Policies/Administrative Templates/System/Troubleshooting and Diagnostics/Scripted Diagnostics'_**).
> Step by step (**_'CVE-2022-30190_back-to-normal.py'_** [revert_changes.exe]):
1. Restores the registry key **_'HKEY_CLASSES_ROOT\ms-msdt'_**.
2. Deletes **_'.reg'_** file used to restore it.
3. Deletes the registry key which was created before to enable a **_'Local Group Policy'_**.
## _How to use them:_
- Run **_'CVE-2022-30190_temp-fix.exe'_** as **_administrator_**, that's all.
- **Do not delete the _'.reg'_ file generated because you will need it in the future when Microsoft fixes this vulnerability.**
- If you want to undo all changes made, you just have to run **_'revert_changes.exe'_** as **_administrator_**.
## _My antivirus detected it as a threat?:_
> In most cases it will detected by the AV as a **_threat_**, so you can **add an _exception_** or just **_disable_ it for a moment**, this is because none of the '.exe' files are signed.
## _This vulnerability has been fixed by Microsoft:_
> Here are the links to the updates:
- For Windows 10: [2022-06 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5014699)](https://support.microsoft.com/en-us/topic/june-14-2022-kb5014699-os-builds-19042-1766-19043-1766-and-19044-1766-5c81d49d-0b6e-4808-9485-1f54e5d1bb15)
- For Windows 11: [2022-06 Cumulative Update for Windows 11 for x64-based Systems (KB5014697)](https://support.microsoft.com/en-us/topic/june-14-2022-kb5014697-os-build-22000-739-cd3aaa0b-a8da-44a0-a778-dfb6f1d9ea11)
[4.0K] /data/pocs/44ebb715f6392c23f8917fa97465dcb1b0a462ab
├── [2.6K] CVE-2022-30190_back-to-normal.py
├── [2.9K] CVE-2022-30190_temp-fix.py
└── [2.6K] README.md
0 directories, 3 files