Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Microsoft Windows Support Diagnostic Tool (MSDT)
Alerts

Active Exploitation of Microsoft Windows Support Diagnostic Tool (MSDT)

10 August 2022

Microsoft has released a security update to address a remote code execution vulnerability (CVE-2022-34713) in the Microsoft Windows Support Diagnostic Tool (MSDT). There have been reports that this vulnerability is being actively exploited.

Successful exploitation of this vulnerability could allow an attacker to deploy a malicious executable into the Windows Startup folder.

Administrators and users of affected products are advised to upgrade to the latest versions immediately.

References:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34713

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34713

Back to top