Microsoft Zero Day Vulnerability
Published on
June 1, 2022

On Friday, May 27, security researchers identified malicious documents taking advantage of a new zero-day exploit in Microsoft Windows (CVE-2022-30190).  The actively exploited vulnerability exists when Microsoft Windows Support Diagnostic Tool (MSDT) is called using the URL protocol from a calling application, such as Microsoft Word. By sending a specially crafted Word document that calls out to a remote URL and downloads a malicious payload, a threat actor could gain persistence and run arbitrary code with the privileges of the calling application.

Because this attack has been observed being actively exploited, and the ease of exploitation (getting an end user to open a malicious Word document), Microsoft is recommending that customers apply a workaround until a patch can be released.

Details of the vulnerability and Microsoft’s recommended workaround can be found at the link below:

IT Mentorship in Your Inbox

Subscribe and stay up to date on the latest insights, expert advice, and happenings in IT.