【漏洞通告】Microsoft Windows 支持诊断工具 (MSDT) 远程代码执行漏洞（CVE-2022-30190）

漏洞名称：

Microsoft Windows 支持诊断工具(MSDT)远程代码执行漏洞

组件名称：

Windows MSDT

影响范围：

Windows Server 2012 R2

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for 32-bit/x64-based systems

Windows 7 for 32-bit/x64-based Systems Service Pack 1

Windows Server 2016

Windows 10 Version 1607 for 32-bit/x64-based Systems

Windows 10 for 32-bit/x64-based Systems

Windows 10 Version 21H2 for 32-bit/ARM64-based/x64-based Systems

Windows 11 for x64-based/ARM64-based Systems

Windows 10 Version 20H2 for x64-based/32-bit/ARM64-based Systems

Windows Server 2022 Azure Edition Core Hotpatch

Windows Server 2022

Windows 10 Version 21H1 for x64-based/ARM64-based/32-bit Systems

Windows Server 2019

Windows 10 Version 1809 for 32-bit/x64-based/ARM64-based Systems

漏洞类型：

远程代码执行

利用条件：

1、用户认证：不需要用户认证
2、前置条件：默认配置

3、触发方式：远程

关闭MSDT URL协议：

1. 使用管理员权限启动命令提示符

2. 使用命令” reg export HKEY_CLASSES_ROOTms-msdt filename”备份注册表

3. 执行命令” reg delete HKEY_CLASSES_ROOTms-msdt /f”

撤销临时解决的方案:

1. 使用管理员权限启动命令提示符

2. 使用命令” reg import filename”恢复注册表