CVE-2022-30190: 
vulnerability analysis and mitigation

CVE-2022-30190, also known as the Microsoft Support Diagnostic Tool (MSDT) vulnerability, was disclosed on May 30, 2022. This remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Microsoft Word. The vulnerability affects Windows Server 2019, Windows 10 version 1809, and later supported versions of Windows (MSRC Blog, CVE).

The vulnerability allows an attacker to execute arbitrary code through the MSDT URL protocol when called from applications like Microsoft Word. When successfully exploited, the attacker gains the ability to run code with the privileges of the calling application. The vulnerability received official patches through Windows updates released on June 14, 2022, with additional defense-in-depth variants addressed in July 2022 cumulative updates (MSRC Blog).

Successful exploitation of this vulnerability enables attackers to execute arbitrary code with the privileges of the calling application. This access allows attackers to install programs, view, modify, or delete data, and create new accounts within the context of the user's rights. The impact is particularly significant when the vulnerability is exploited through commonly used applications like Microsoft Word (CVE, MSRC Blog).

Microsoft provided several mitigation options, including disabling the MSDT URL Protocol through registry modification. Users can disable this by running Command Prompt as Administrator and executing 'reg delete HKEYCLASSESROOT\ms-msdt /f'. Additionally, Microsoft Office's Protected View and Application Guard features provide protection against this vulnerability when opening documents from the internet (MSRC Blog).