Without a day, Microsoft’s Support Diagnostic Tool allows malicious hackers to inject malware into the system through a converted Word document. Weakness was Discovered by Nao_sec And this is done in the meantime Microsoft acknowledged under the name CVE-2022-30190 Appointed. No Windows update has been released for the vulnerability, but Windows Defender has already been updated to recognize an attack via the described path. This was not the case until recently.
The exploit uses code that can be executed by Microsoft Support Diagnostics Tool (msdt), which can be redirected to a spoofed url. Macros are usually blocked to prevent abuse, but a security researcher has discovered that this macro blocking can be circumvented by converting the malicious Word file to rich text format. This way, the code in the Word file can be executed without ever opening the document.
For now, a workaround has been shared by Microsoft, where the user can disable the msdt protocol. This requires modifying the registry, which is a very advanced process.
- beginning Command Prompt as administrator
- make to support From the registry key HKEY_CLASSES_ROOT\ms-msdt by running the “reg export HKEY_CLASSES_ROOT\ms-msdt filename” command at the command prompt
- Removal You are using it now msdt بروتوكول protocol By running “reg delete HKEY_CLASSES_ROOT \ms-msdt /f” from the command prompt
« Previous Post Last Next »
“Lifelong entrepreneur. Total writer. Internet ninja. Analyst. Friendly music enthusiast.”