Threat Advisory

Microsoft Office Zero-day Vulnerability

June 2, 2022 | By Accorian

Recently a new zero-day vulnerability has been detected in Microsoft Office that can be exploited to execute arbitrary code on the affected windows machines. The vulnerability can execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) by opening a word document. The weakness has now been assigned CVE-2022-30190 and is rated a CVSS score of 7.8. Few of the affected MS Office versions are Office 2013, Office 2016, Office 2019, and Office 2021, as well as Professional Plus editions. The exploit works without requiring elevated privileges and even bypasses the need to enable macros. 

Microsoft hasn’t yet released a patch but has shared a few workarounds as a stopgap. Admins and users are advised to disable the MSDT URL protocol, which the attackers are leveraging to execute code. According to Microsoft, MS Office’s Protected View and Application Guard would block CVE-2022-30190 attacks, although some researchers claim that the security feature will not block exploitation attempts if the malicious document is previewed in Windows Explorer. Therefore, it is also advised to disable the Preview pane in Windows Explorer. 

Accorian recommends all admins implement the workarounds until a patch has been released. 

You can find detailed guidance released by Microsoft here. ( 

Accorian can help identify this vulnerability in your environment. Simply reply back to this mail and one of your team members will get in touch with you.

Recent Post

    Ready to Start?

      Ready to Start?

        Download Case study

          Download Guide

          Human Resources Director

          Posted On: 09 May, 2022

          Drop your CVs to

            Interested Position

            First Name

            Last Name


            Total Experience

            Mobile Number

            Upload Resume