Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Overdue
Microsoft / Windows
CWE-610
Description
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Required Action
Apply updates per vendor instructions.
Additional Information
- Catalog Version
- 2025.01.24
- Catalog Released
- Jan. 24, 2025
- Days Until Due
- 0 days
- Last Updated
- 8 months ago