Modern computer systems are incredibly complex. Even individuals with lots of IT experience know that security breaches slip through the cracks all the time. Nowhere is this more apparent than in the latest Microsoft CVE-2022-30190 diagnostic tool vulnerability.
This vulnerability was only recently discovered. Fortunately, no major breaches or security disasters have occurred due to it so far. That said, your organization needs to know how to close this vulnerability – and how to prevent future cybersecurity breaches from affecting you in the future.
CVE-2022-30190 Vulnerability Explained
CVE-2022-30190 refers to a recently discovered vulnerability in the Microsoft Support Diagnostic Tool or MSDT. This is potentially dangerous since many organizations use the MSDT regularly to identify issues with their software or computer systems.
The vulnerability works like this:
- When a user calls the MSDT using a URL protocol, the CVE-2022-30190 remote code execution vulnerability appears. MSDT can be called from many different applications, like Microsoft Word, and may be called intentionally or unintentionally
- The CVE-2022-30190 vulnerability allows attackers to run or apply arbitrary code strings with any of the privileges included within the calling application, even if the attacker doesn’t have those privileges personally.
- In theory, an attacker could run code that could widen the vulnerability and cause other problems. For example, an attacker can install programs, change or delete data, create new accounts, and more
In other words, the CVE-2022-30190 MSDT vulnerability allows hackers far greater access to computer systems than they would normally receive. As a result, many managed security services providers, like LI Tech, have worked quickly and effectively to find and apply solutions.
Current CVE-2022-30190 Workaround
Currently, there is a Microsoft-endorsed workaround for the CVE-2022-30190 vulnerability. It operates by disabling the MSDT URL protocol.
By disabling the URL protocol, troubleshooters cannot launch as links, including links that launch through the operating system (OS). Note that troubleshooters may still be accessed by computer operators using the Get Help application or through standard system settings. Other troubleshooters may also allow troubleshooting access.
To disable your system’s MSDT URL protocol:
- Run the Command Prompt as an Administrator
- Then back up the registry key. To do this, execute this command: “reg export HKEY_CLASSES_ROOT/ms-msdt filename”
- Then execute this command: “reg delete HKEY_CLASSES_ROOT/ms-msdt/f”
Once applied, the MSDT troubleshooter may not be launched through standard means, and the vulnerability should be closed until a longer-term solution is discovered and implemented.
Should you need to undo this workaround, you can:
- Run the Command Prompt as an Administrator
- Then execute this command: “reg import filename”
In both cases, replace “filename” with the file you wish to troubleshoot.
For more information about this workaround and the CVE-2022-30190 vulnerability, visit Microsoft’s official page.
How to Fix the CVE-2022-30190 Vulnerability Long-Term
Although the above workaround is very beneficial, it does not solve the CVE-2022-30190 vulnerability in the long term. The only way to solve these vulnerabilities is to ensure that you have IT staff on hand constantly scanning for potential problems and closing breaches before they become issues.
That’s a tall order, especially if your business focuses on another industry or niche aside from IT security. But what if you didn’t have to assign people to do this critical task themselves?
Instead, you can rely on experts in IT security and managed software services: LI Tech Solutions.
The Benefits of LI Tech’s Managed Services
As the go-to managed IT services provider in Long Island for many companies, LI Tech is well equipped to assist with your security and vulnerability patching needs.
In fact, we’ve already got on top of the CVE-2022-30190 vulnerability. As soon as it was announced, our experts got to work:
- Identifying what the problem was
- Determining how best to close the issue
- Using Microsoft’s workaround where appropriate
To the benefit of our clients, we rapidly applied a patch to close the vulnerability. We did this after confirming that none of our clients had suffered data losses or other security breaches due to the CVE-2022-30190 vulnerability in the first place.
That’s because, as a dedicated Long Island-managed IT services company, LI Tech is proactive compared to reactive. What does this mean?
In short, our proactive approach allows us to identify and solve security issues before they negatively affect our client companies. We prioritize developing new approaches to security problems and evolving alongside malware and other cyber threats rather than letting those malicious parties set the pace of the digital arms race.
In contrast, a reactive approach usually leads to much higher costs in the long run. Companies must first become aware of security breaches, oftentimes after the damage has already been done, and then patch those breaches after the fact.
LI Tech’s proactive approach is exactly why you should rely on us to patch the CVE-2022-30190 and similar vulnerabilities for your company in the future. Instead of waiting for official Microsoft recommendations or trying to discern the right course of action yourself, why not leave it to the experts?
Even better, when you hire LI Tech Solutions, you don’t just get vulnerability patching. You also receive expert assistance and services like:
- Cloud infrastructure services, enabling you to benefit from the best software access without having to increase your on-site costs
- 24/7 data protection and backup services, thus ensuring the security and fidelity of vital company data and customer privacy information
- Security best practices training for your staff. This training can ensure that your organization will not remain vulnerable to basic cyber threats, like phishing emails
- And more
Ultimately, the CVE-2022-30190 vulnerability demonstrates the importance of having managed services providers working around the clock for your organization. To make sure your company doesn’t suffer any adverse effects from the CVE-2022-30190 vulnerability, contact LI Tech Solutions today.