CVE-2022-30190 Office MSDT Zero Day Fix w/ PDQ
Just wanted to say PDQ is awesome.
I was able to leverage PDQ to fix the recent zero day MSDT MS Office with a few simple steps. I thought I would share my process that doesn't require any fancy scripting.
CVE Details:
- Deploy, Created a new Package
- Step 1 Created the backup directory "mkdir -p C:\Backup"
- Step 1 Export the msdt.reg key "reg export HKCR\ms-msdt C:\Backup\msdt.reg /y"
- Step 2 Delete the MSDT key "reg delete HKCR\ms-msdt /f"
- Step 3 Restore the MSDT key (Disabled, reserved to put it back later if needed) "reg import C:\backup\msdt.reg"
- Inventory - Added C:\backup to my standard file scanner
- Created a new Dynamic Collection "Needs MSDT CVE-2022-30190 Fix" (see Screenshot for the filter)
- Ran a scheduled task in deploy against the Inventory Dynamic Collection
70% completion in 8 minutes and more running as heartbeat catches them.
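
The export and delete steps above as a single PowerShell step that can be re-run safely (an added example, not part of the original post). It uses the key and backup path from the post; the elevated context and the exit codes 1 and 2 are assumptions chosen here so a deployment tool can tell a failed backup from a failed delete.

```powershell
# Added example: idempotent form of the export/delete workaround steps.
# Assumption: the step runs elevated (for example as the deployment service account).
$KeyPath    = 'Registry::HKEY_CLASSES_ROOT\ms-msdt'   # provider path for Test-Path
$RegKey     = 'HKCR\ms-msdt'                          # same key, reg.exe syntax
$BackupDir  = 'C:\Backup'
$BackupFile = Join-Path $BackupDir 'msdt.reg'

function Test-MsdtHandler {
    # True while the ms-msdt protocol handler key is still registered
    Test-Path -LiteralPath $KeyPath
}

# Already remediated: exit before touching the existing backup file
if (-not (Test-MsdtHandler)) {
    Write-Output 'ms-msdt handler not present; nothing to do.'
    exit 0
}

# -Force makes directory creation a no-op when C:\Backup already exists
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

# Export first, and refuse to delete unless a non-empty backup was written
& reg.exe export $RegKey $BackupFile /y | Out-Null
$exportOk = ($LASTEXITCODE -eq 0) -and
            (Test-Path -LiteralPath $BackupFile) -and
            ((Get-Item -LiteralPath $BackupFile).Length -gt 0)
if (-not $exportOk) {
    Write-Error "Export of $RegKey to $BackupFile failed; key left in place."
    exit 1   # assumed exit code: backup failed
}

# Delete the handler key, then confirm it is really gone
& reg.exe delete $RegKey /f | Out-Null
if (($LASTEXITCODE -ne 0) -or (Test-MsdtHandler)) {
    Write-Error "Delete of $RegKey failed; handler is still registered."
    exit 2   # assumed exit code: delete failed
}

Write-Output "ms-msdt handler removed; backup saved to $BackupFile."
exit 0
```

The restore path is unchanged from the post: `reg import C:\Backup\msdt.reg`.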
Comments
Hi,
Yes, PDQ is really awesome!
Thank you so much for sharing this with the community. I implemented your approach and it worked seamlessly.
Have a nice day