Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Actively Exploited Zero-Day Attack Delivered via Malicious Word Documents

June 1, 2022

Using technology has its advantages, but also requires some diligence to keep you safe. As ZDNet reports, attackers are using a protocol for troubleshooting Windows bugs to perform remote code execution through the Microsoft Support Diagnostic Tool. Using a tool designed to help users to deliver a malicious payload. Great. Security researcher Kevin Beaumont discovered that malicious code can be executed in a Word document that has been converted to Rich Text Format (RTF). You can protect yourself by applying this workaround to disable the entire MSDT URL protocol on the computer.

Run Command Prompt as Administrator.
To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\ms-msdt filename“
Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt /f”

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com

John W. Simek
Co-founder/Consultant

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Your IT Consultant

Actively Exploited Zero-Day Attack Delivered via Malicious Word Documents

Subscribe for More!

Popular Categories

Listen to the Podcast

Disclaimer