CVE ID
CVE-2022-30190
Vulnerability Name
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
- Project: Microsoft
- Product: Windows
Date
- Date Added: 2022-06-14
- Due Date: 2022-07-05
Description
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-30190
Related Security News
- Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell
- Microsoft Outlook to block more risky attachments used in attacks
Top comments (0)