Serveis / Alertes

Execució de codi de Microsoft Windows Support Diagnostic Tool (MSDT)

ALERTES

31/05/2022

CVE-2022-30190

ALT: (7.8)

CVSS6: 6.8

Microsoft Windows podria permetre a un atacant remot executar codi arbitrari al sistema, causat per un defecte en el component de l’Eina de Diagnòstic de Suport (MSDT). En persuadir a una víctima d’obrir contingut especialment elaborat, un atacant podria explotar aquesta vulnerabilitat per executar codi arbitrari sobre el sistema.

Sistemes Afectats

  • Microsoft Windows 7 SP1 x32
  • Microsoft Windows 7 SP1 x64
  • Microsoft Windows Server 2008 R2 X64
  • Microsoft Windows Server 2012
  • Microsoft Windows RT
  • Microsoft Windows 8.1 x32
  • Microsoft Windows 8.1 x64
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows RT 8.1
  • Microsoft Windows 10 x32
  • Microsoft Windows 10 x64
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows 10 1809 for x64-based Systems
  • Microsoft Windows 10 1809 for 32-bit Systems
  • Microsoft Windows 10 1809 for ARM64-based Systems
  • Microsoft Windows 10 1607 for 32-bit Systems
  • Microsoft Windows 10 1607 for x64-based Systems
  •  Microsoft Windows 10 20H2 for 32-bit Systems
  • Microsoft Windows 10 20H2 for ARM64-based Systems
  • Microsoft Windows 10 20H2 for x64-based Systems
  • Microsoft Windows Server (Server Core installation) 2019
  • Microsoft Windows Server (Server Core installation) 20H2
  • Microsoft Windows Server (Server Core installation) 2016
  • Microsoft Windows Server (Server Core installation) 2012 R2
  • Microsoft Windows Server (Server Core installation) 2012
  • Microsoft Windows Server for X64-based systems (Server Core installation) 2008 R2
  • Microsoft Windows Server for X64-based systems 2008 R2 SP1
  • Microsoft Windows Server for 32-bit systems (Server Core installation) 2008 SP2
  • Microsoft Windows Server for 32-bit systems 2008 SP2
  • Microsoft Windows Server for X64-based systems (Server Core installation) 2008 R2 SP1
  • Microsoft Windows 10 21H1 for 32-bit Systems
  • Microsoft Windows 10 21H1 for ARM64-based Systems
  • Microsoft Windows 10 21H1 for x64-based Systems
  • Microsoft Windows Server 2022
  • Microsoft Windows Server (Server Core installation) 2022
  • Microsoft Windows Server for X64-based systems 2008 SP2
  • Microsoft Windows 11 x64
  • Microsoft Windows 11 ARM64
  • Microsoft Windows 10 21H2 for 32-bit Systems
  • Microsoft Windows 10 21H2 for ARM64-based Systems
  • Microsoft Windows 10 21H2 for x64-based Systems
  • Microsoft Windows Server 2022 Azure Edition Core Hotpatch

Remediació
Utilitzeu l’actualització automàtica de Microsoft per aplicar la solució adequada per al sistema o la guia d’actualització de seguretat de Microsoft per cercar actualitzacions disponibles. Veure referències.

Referències