Attackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in a Windows component called the Microsoft Support Diagnostic Tool (MSDT) through weaponized Word documents. Microsoft has responded with mitigation advice that can be used to block the attacks until a permanent patch is released.
An exploit for the vulnerability, now tracked as CVE-2022-30190, was found in the wild by an independent security research team dubbed nao_sec, which spotted a malicious Word document uploaded to VirusTotal from an IP in Belarus. However, more malicious samples dating from April have also been found, suggesting the vulnerability has been exploited for over a month.
More Stories
Researchers warn of two new variants of potent IcedID malware loader
Monopolist Service Model Enrages Tesla Owners : $29K Bill for Minor Damage and No Delivery Date
7 Reasons Why You Should Get CMMC Certified Ahead of the May 2023 Rulemaking