Subscribe to the CyberThreatPOV Podcast

Threat Intel Flash Briefing – Microsoft Diagnostics Tool Remote Code Execution Vulnerability

There exists a zero-day code execution vulnerability (CVE-2022-30190) in Microsoft office, specifically with the Microsoft Diagnostics Tool (MSDT). The technique observed in the wild targets Microsoft Word, although this attack is not limited to only Word. Other Microsoft applications as well as applications that support Microsoft Protocols could also be utilized to execute this technique.

Listen on the go: