QUICK AND DIRTY PATCH
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word (from Microsoft's website; TL;DR).
This is a quick and dirty patch for CVE-2022-30190, the Microsoft Support Diagnostic Tool (MSDT) vulnerability.
Run Windows PowerShell (Admin)
First, go to your "BACKUP" directory (e.g. C:\tmp\)
cd C:\tmp\
Next, BACKUP REGISTRY "MS-MSDT"
reg export HKEY_CLASSES_ROOT\ms-msdt C:\HKEY_CLASSES_ROOT-ms-msdt.bak.reg
Last, DELETE REGISTRY "MS-MSDT"
reg delete HKEY_CLASSES_ROOT\ms-msdt /f
To Restore "MS-MSDT"
reg import C:\HKEY_CLASSES_ROOT-ms-msdt.bak.reg
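The same backup, delete and restore steps as a guarded script (an added example, not part of the original memo). It refuses to delete the key unless the export succeeded and the backup file really contains the key. The function names are hypothetical; the key and backup path are the ones used above.

```powershell
#Requires -RunAsAdministrator
# Added example: guarded version of the manual steps in this memo.
$Key    = 'HKEY_CLASSES_ROOT\ms-msdt'              # key named in the memo
$Backup = 'C:\HKEY_CLASSES_ROOT-ms-msdt.bak.reg'   # backup path used in the memo

function Test-MsdtHandler {
    # True while the ms-msdt URL protocol handler is still registered.
    Test-Path -LiteralPath "Registry::$Key"
}

function Disable-MsdtHandler {
    if (-not (Test-MsdtHandler)) {
        Write-Host 'ms-msdt handler already absent; nothing to do.'
        return
    }
    if (Test-Path -LiteralPath $Backup) {
        throw "Backup $Backup already exists; move it aside so it is not overwritten."
    }
    reg.exe export $Key $Backup | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'reg export failed; key left in place.' }

    # Only delete once the backup is confirmed to hold the key's section header.
    $text = Get-Content -LiteralPath $Backup -Raw
    if (-not $text -or -not $text.Contains("[$Key")) {
        throw "Backup does not contain $Key; key left in place."
    }
    reg.exe delete $Key /f | Out-Null
    if ($LASTEXITCODE -ne 0 -or (Test-MsdtHandler)) {
        throw 'reg delete failed; handler is still registered.'
    }
    Write-Host "ms-msdt handler removed. Backup saved to $Backup"
}

function Restore-MsdtHandler {
    if (-not (Test-Path -LiteralPath $Backup)) { throw "No backup found at $Backup." }
    reg.exe import $Backup
    if ($LASTEXITCODE -ne 0 -or -not (Test-MsdtHandler)) {
        throw 'reg import failed; handler not restored.'
    }
    Write-Host 'ms-msdt handler restored from backup.'
}

Disable-MsdtHandler   # call Restore-MsdtHandler later to undo
```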
DISCLAIMER
This is HOW Me Do IT! Grrr... this blog memo is mainly written for OWN PURPOSES. This post is based on "Google There, Google Here, Try That, Try This, Then Ask". Whether this is PLAGIARISM or RESEARCH, there has never been a claim that this is an original work, nor is it necessarily the best solution, and not for Scopus consumption :). Please provide feedback, especially if you have alternative explanations. Hopefully, this note will be helpful in the future when you have forgotten how to solve this trivia problem.
Qapla!