![[CVE--30190]MICROSOFT OFFICE MSDT代码执行漏洞](https://900zi.500zi.com/uploadfile/img/15/178/636a73a1a3c9c1e13135c2d1453ab4ed.jpg)
MSDT(Microsoft Support Diagnostics Tool,微软支持诊断工具)是一个Windows实用程序,用于排除故障并收集诊断数据以供专业人员分析和解决问题。
Shadow Chaser Group 的研究人员在 Twitter 上表示,这个存在于Microsoft Support Diagnostic Tool中的漏洞已经于4月 12日报告给微软,并已经证明该漏洞已经被黑客利用进行攻击,不过微软安全响应中心团队并未将报告的行为视为安全漏洞。
根据研究员 Kevin Beaumont 的分析,该文档使用Word从远程Web服务器检索HTML文件。然后,该文档使用MSProtocol URI方案来加载和执行PowerShell命令。目前微软已经将该漏洞标识为 CVE--30190,并将其描述为“关键”(critical)漏洞。
影响版本:
Windows Server R2 (Server Core installation)Windows Server R2Windows Server (Server Core installation)Windows Server Windows Server R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server R2 for x64-based Systems Service Pack 1Windows Server for x64-based Systems Service Pack 2 (Server Core installation)Windows Server for x64-based Systems Service Pack 2Windows Server for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server for 32-bit Systems Service Pack 2Windows RT 8.1Windows 8.1 for x64-based systemsWindows 8.1 for 32-bit systemsWindows 7 for x64-based Systems Service Pack 1Windows 7 for 32-bit Systems Service Pack 1Windows Server (Server Core installation)Windows Server Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 for ARM64-based SystemsWindows 11 for x64-based SystemsWindows Server, version 20H2 (Server Core Installation)Windows 10 Version 20H2 for ARM64-based SystemsWindows 10 Version 20H2 for 32-bit SystemsWindows 10 Version 20H2 for x64-based SystemsWindows Server Azure Edition Core HotpatchWindows Server (Server Core installation)Windows Server Windows 10 Version 21H1 for 32-bit SystemsWindows 10 Version 21H1 for ARM64-based SystemsWindows 10 Version 21H1 for x64-based SystemsWindows Server (Server Core installation)Windows Server Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems
目前,漏洞POC已公开:
/onecloudemoji/CVE--30190
由于尚没有修补程序,删除ms-msdt或许是更好的办法。
