Microsoft Office zero-day vulnerability or Microsoft Support Diagnostic Tool Vulnerability CVE-2022-30190
Attackers are effectively exploiting an unpatched vulnerability in the Microsoft Office that considers remote code execution from Microsoft Office.
The vulnerability exists in all Windows versions and can be exploited in Microsoft Office 2013, Office 2019, Office 2021, Office 365, and Office ProPlus as per security researchers have examined the issue
Table of Contents
Impact
- Install programs
- View, changes
- Delete data
- Create new accounts
- Execute remote command
- Easily remote control the computer
Remediation
In order to protect the system from the attack, Microsoft has released a temporary fix.
Microsoft team is working on this and soon the official update will be released with the patched version of the Microsoft office.
Follow these steps for Mitigation
Run Command Prompt as Administrator.
To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename“
Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt /f”.
How to undo the changes
Run Command Prompt as Administrator.
To restore the registry key, execute the command “reg import filename”
Leave a Reply