关于微软支持诊断工具MSDT存在远程代码执行漏洞的安全预警

一、基本情况

微软支持诊断工具（MSDT，Microsoft Support Diagnostic Tool）是一种实用程序，用于排除故障并收集诊断数据，供专业人员分析和解决问题。Microsoft Office是由微软公司开发的一款常用办公软件。

二、漏洞描述

2022年5月30日，微软公司发布了Microsoft MSDT远程代码执行漏洞的紧急安全公告。未经身份验证的攻击者利用该漏洞，诱使用户直接访问或者预览恶意的Office文档，通过恶意Office文档中的远程模板功能，从服务器获取包含恶意代码的HTML文件并执行，从而实现以当前用户权限下的任意代码执行攻击。该漏洞已知触发需要用户对恶意Office文档进行直接访问，或者在资源管理器中通过预览选项卡对RTF格式的恶意文档进行预览。

三、影响范围

漏洞影响的产品版本包括：

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 Azure Edition Core Hotpatch

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

四、修复建议

目前，微软公司已发布漏洞缓解措施，暂未发布漏洞补丁。CNVD建议受影响用户谨慎访问来历不明的Office文档，同时按照以下微软公告及时采取漏洞临时缓解措施，并密切关注后续的补丁更新情况。