CVE-2022-30190 Exploit

This refers to a means of launching the Microsoft Support Diagnostics Tool (MSDT) which can be via a URI from a malicious source avoiding normal security checks including browser protected mode.

This tool is for getting support directly from Microsoft or one of their official partners to help a user who is experiencing problems. Malicious use of this tool can give the exploiter access to PowerShell on your Windows computer which is never a good thing.

The tool is normally launched directly but can be launched in a browser using the special protocol ms-msdt://

Microsoft has published a work around until a patch is provided which is basically disabling the tool. Link here.

The basic procedure:

Run command prompt in admin mode
Backup the key somewhere in case you need it later
Then delete it

Command to Restore Registry Key

reg import C:\MSDT\msdt_backup.reg

Leave a Reply

Your email address will not be published. Required fields are marked *