Microsoft Windows Zero-Day Vulnerability
Date of Notice: 05/31/2022
Action Level - High
Description (Microsoft Windows Zero-Day Vulnerability (CVE-2022-30190))
MCNC would like to make you aware of a vulnerability affecting current versions of Windows and Windows Server. This vulnerability allows arbitrary code execution by a remote attacker.
This exploit is known to be currently exploited and at the moment there are no patches available, though Microsoft has disclosed a potential mitigation (details below). MCNC recommends monitoring Microsoft feeds for updates and patching when available, as well as evaluating the mitigation for feasibility in your environment.
- Microsoft Windows 11, 10, 8.1, 7
- Microsoft Windows Server 2019, 2016, 2012, 2008
An attacker can craft a file to execute arbitrary code when opened or previewed. Though proofs of concept have been released for various Microsoft Office file types, exploitation is not restricted to these file types.
This vulnerability is known to be exploited.
Microsoft has released information on a mitigation which involves disabling the MSDT URL Protocol. Details are linked below.
As of 5/31 there are no patches to remediate this vulnerability
Main CVE page : patches will appear here when released:
Vendor guidance including mitigation instructions: