CVE-2022-30190 Office MSDT Zero Day Fix w/ PDQ

Just wanted to say PDQ is awesome. 

I was able to leverage PDQ to fix the recent zero day MSDT MS Office with a few simple steps. I thought I would share my process that doesn't require any fancy scripting.

CVE Details:

https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/ 

  1. Deploy, Created a new Package
  2. Step 1 Created the backup directory "mkdir -p C:\Backup"
  3. Step 1 Export the msdt.reg key "reg export HKCR\ms-msdt C:\Backup\msdt.reg /y"
  4. Step 2 Delete the MSDT key "reg delete HKCR\ms-msdt /f"
  5. Step 3 Restore the MSDT key (Disabled, reserved to put it back later if needed) "reg import C:\backup\msdt.reg"

  1. Inventory - Added C:\backup to my standard file scanner
  2. Created a new Dynamic Collection "Needs MSDT CVE-2022-30190 Fix"  (see Screenshot for the filter)
  3. Ran a scheduled task in deploy against the Inventory Dynamic Collection 

 

70% completion in 8 minutes and more running as heartbeat catches them. 
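
An added example, not part of the original post and not PDQ's own code: the same backup, delete and restore steps as one PowerShell script that leaves the key in place unless the export succeeded, and that is safe to re-run. The registry key and paths are the ones from the post; the `-Restore` switch, the helper name and the exit codes are assumptions of this example.

```powershell
# Added example: idempotent form of the package steps described in the post.
# Key and paths come from the post; -Restore and the exit codes are assumptions.
param([switch]$Restore)

$Key       = 'HKCR\ms-msdt'
$BackupDir = 'C:\Backup'
$BackupReg = Join-Path $BackupDir 'msdt.reg'

function Test-MsdtHandler {
    # reg.exe query exits 0 when the key exists and 1 when it does not
    & reg.exe query $Key *> $null
    return ($LASTEXITCODE -eq 0)
}

if ($Restore) {
    # Equivalent of the disabled "Step 3" in the package
    if (-not (Test-Path $BackupReg)) { Write-Error "No backup at $BackupReg"; exit 2 }
    & reg.exe import $BackupReg
    exit $LASTEXITCODE
}

if (-not (Test-MsdtHandler)) {
    Write-Output "$Key already absent, nothing to do"
    exit 0
}

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

# Export only when no backup exists yet, so a re-run never overwrites a good one
if (-not (Test-Path $BackupReg)) {
    & reg.exe export $Key $BackupReg /y | Out-Null
    $exported = ($LASTEXITCODE -eq 0) -and (Test-Path $BackupReg)
    if (-not $exported -or (Get-Item $BackupReg).Length -eq 0) {
        Write-Error "Export of $Key failed, key left in place"
        exit 3
    }
}

& reg.exe delete $Key /f | Out-Null
if (Test-MsdtHandler) { Write-Error "$Key still present after delete"; exit 4 }

Write-Output "$Key removed, backup at $BackupReg"
exit 0
```

A machine where the key was already absent gets no `C:\Backup\msdt.reg`, so a collection filter that keys on that file would still list it as needing the fix.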

 

 

 


Comments

  • Hi,

    Yes, PDQ is really awesome!

    Thank you so much for sharing this with the community. I implemented your approach and it worked seamlessly.

    Have a nice day
