all InfoSec news
Coverage Advisory for CVE-2022-30190: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Security Boulevard securityboulevard.com
Background
On May 27, 2022, nao_sec found a malicious Word document submitted to Virustotal from a Belarus IP address. The document was abusing MS-MSDT URI scheme to execute PowerShell within the context of Word bypassing local Office macro policies. Microsoft has since released protection guidance and assigned CVE-2022-30190 to this vulnerability.
What is the issue?
Malicious Word documents can use the remote template feature to fetch an HTML file from a remote server and the HTML code can use Microsoft's …
advisory code code execution cve cve-2022-30190 microsoft microsoft windows msdt remote code execution support tool vulnerability windows