MALWARE-FILE-TRANSFER MSDT Vulnerability Related Payload -1

Rule ID

1231173

Severity

High

Description

The vulnerability of msdt.exe, it could be triggered by craft documents which include malicious external object load setting and cause RCE.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Malware traffic

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2022-30190

T1059.001

T1218

T1137.001

T1105

Keywords

Follina, Windows 7, Windows 8.1, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019

Date Created

2022/05/31

Last Updated

2022/06/08

This website uses cookies to ensure you get the best experience on our website.

Learn more