Microsoft Windows 支持診斷工具 (MSDT) 遠(yuǎn)程代碼執(zhí)行漏洞

 漏洞資訊     |      2022-06-01

一、  漏洞描述

2022年5月30日,Microsoft發(fā)布安全公告,Microsoft Windows 支持診斷工具 (MSDT)中存在一個遠(yuǎn)程代碼執(zhí)行漏洞。漏洞編號:CVE-2022-30190,漏洞等級:高危,漏洞評分:8.8,并且,該漏洞存在在野利用。

二、  漏洞詳情

CVE-2022-30190: Microsoft Windows 支持診斷工具 (MSDT) 遠(yuǎn)程代碼執(zhí)行

CVE: CVE-2022-30190

組件: MSDT

漏洞類型: 代碼問題

影響: 遠(yuǎn)程代碼執(zhí)行

簡述: 見漏洞描述。

三、  影響版本


影響產(chǎn)品或系統(tǒng)版本

安全版本

Windows

Windows Server 2012 R2 (Server Coreinstallation)

Windows Server 2012 R2

Windows Server 2012 (Server Coreinstallation)

Windows Server 2012

Windows Server 2008 R2 for x64-basedSystems Service  Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-basedSystems Service  Pack 1

Windows Server 2008 for x64-basedSystems Service Pack  2 (Server Core installation)

Windows Server 2008 for x64-basedSystems Service Pack  2

Windows Server 2008 for 32-bit SystemsService Pack 2  (Server Core installation)

Windows Server 2008 for 32-bit SystemsService Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems ServicePack 1

Windows 7 for 32-bit Systems ServicePack 1

Windows Server 2016 (Server Coreinstallation)

Windows Server 2016

Windows 10 Version 1607 for x64-basedSystems

Windows 10 Version 1607 for 32-bitSystems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-basedSystems

Windows 10 Version 21H2 for ARM64-basedSystems

Windows 10 Version 21H2 for 32-bitSystems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (ServerCore Installation)

Windows 10 Version 20H2 for ARM64-basedSystems

Windows 10 Version 20H2 for 32-bitSystems

Windows 10 Version 20H2 for x64-basedSystems

Windows Server 2022 Azure Edition Core Hotpatch

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bitSystems

Windows 10 Version 21H1 for ARM64-basedSystems

Windows 10 Version 21H1 for x64-basedSystems

Windows Server 2019 (Server Coreinstallation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-basedSystems

Windows 10 Version 1809 for x64-basedSystems

Windows 10 Version 1809 for 32-bitSystems

暫未

四、  安全版本

見三

五、  安全建議

通用修補(bǔ)建議:

禁用 MSDT URL 協(xié)議可防止故障排除程序作為鏈接啟動,包括整個操作系統(tǒng)的鏈接。仍然可以使用“獲取幫助”應(yīng)用程序和系統(tǒng)設(shè)置中的其他或附加故障排除程序來訪問故障排除程序。請按照以下步驟禁用:

1. 以管理員身份運(yùn)行命令提示符  .

2. 要備份注冊表項,請執(zhí)行命令“reg export HKEY_CLASSES_ROOT\ms-msdt filename“

3. 執(zhí)行命令“reg delete HKEY_CLASSES_ROOT\ms-msdt /f”。