CVE-2022-30190
Discovered: 5/30/2022
Impacted Tech:
Microsoft Support Diagnostic Tool (MSDT)
Attacker Location: Local
Highlights:
A vulnerability in Microsoft Support Diagnostic Tool (MSDT) allows attackers to remotely execute code on Windows systems. This vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word.
Attackers who successfully exploit this vulnerability can run arbitrary code with the privileges of the calling application, and can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.
Remediation:
Microsoft has released an official workaround. Administrators and users should disable the MSDT URL protocol as follows:
- Run Command Prompt as Administrator
- To back up the registry key, execute the command
reg export HKEY_CLASSES_ROOT\ms-msdt filename
- Execute the command
reg delete HKEY_CLASSES_ROOT\ms-msdt /f
To undo the workaround:
- Run the command prompt as administrator
- To restore the registry key, execute the command
reg import filename
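The two procedures above can be wrapped in one script that refuses to delete the key unless the backup succeeded and that reports the resulting state. This is an added example, not Microsoft's script or part of the original advisory. The parameter names and the default backup path are assumptions made for the example.

```powershell
# Added example, not Microsoft's script: applies, reverts, or reports the
# ms-msdt URL protocol workaround. Default backup path is an assumption.
param(
    [ValidateSet('Status', 'Disable', 'Restore')]
    [string]$Action = 'Status',
    [string]$BackupFile = (Join-Path $env:SystemDrive 'ms-msdt-backup.reg')
)

$KeyReg = 'HKEY_CLASSES_ROOT\ms-msdt'   # key named in the workaround
$KeyPs  = "Registry::$KeyReg"           # provider path usable by Test-Path

function Test-Admin {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-HandlerState {
    if (Test-Path -LiteralPath $KeyPs) { 'present' } else { 'removed' }
}

if ($Action -ne 'Status' -and -not (Test-Admin)) {
    throw 'Run this from an elevated (Administrator) session.'
}

switch ($Action) {
    'Disable' {
        if ((Get-HandlerState) -eq 'removed') { break }   # already applied
        # Back up first; do not delete unless the export succeeded.
        & reg.exe export $KeyReg $BackupFile /y | Out-Null
        if ($LASTEXITCODE -ne 0 -or -not (Test-Path -LiteralPath $BackupFile)) {
            throw "Backup to $BackupFile failed; key left untouched."
        }
        & reg.exe delete $KeyReg /f | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "reg delete failed for $KeyReg." }
    }
    'Restore' {
        if (-not (Test-Path -LiteralPath $BackupFile)) {
            throw "Backup file $BackupFile not found."
        }
        & reg.exe import $BackupFile 2>&1 | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "reg import failed for $BackupFile." }
    }
}

# Report the final state so the result can be logged or collected per host.
"{0}: ms-msdt handler is {1}" -f $env:COMPUTERNAME, (Get-HandlerState)
```

Run with `-Action Disable` or `-Action Restore`; with no arguments the script only reports whether the handler key is present.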
Read more about the vulnerability via the Microsoft Security Response Center link below.
References:
