05.31.2022

Microsoft Windows Zero-Day Vulnerability

MCNC Admin Avatar
By MCNC Admin
Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 05/31/2022

Action Level - High

Description (Microsoft Windows Zero-Day Vulnerability (CVE-2022-30190))

MCNC would like to make you aware of a vulnerability affecting current versions of Windows and Windows Server. This vulnerability allows arbitrary code execution by a remote attacker.

This exploit is known to be currently exploited and at the moment there are no patches available, though Microsoft has disclosed a potential mitigation (details below). MCNC recommends monitoring Microsoft feeds for updates and patching when available, as well as evaluating the mitigation for feasibility in your environment. 

Affected OS

  • Microsoft Windows 11, 10, 8.1, 7
  • Microsoft Windows Server 2019, 2016, 2012, 2008

Attack Vector

An attacker can craft a file to execute arbitrary code when opened or previewed. Though proofs of concept have been released for various Microsoft Office file types, exploitation is not restricted to these file types.

Attack Feasibility

This vulnerability is known to be exploited.

Mitigations

Microsoft has released information on a mitigation which involves disabling the MSDT URL Protocol. Details are linked below.

Remediation

As of 5/31 there are no patches to remediate this vulnerability

Vendor Resources

Main CVE page : patches will appear here when released:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190

Vendor guidance including mitigation instructions:
https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/

<-- Return to Cybersecurity Alerts...

MCNC Admin
MCNC Admin
MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • twitter
  • facebook
  • youtube
© 2022 MCNC