Forum Discussion

Anonymous

4 years ago

Zero Click Zero Day in Microsoft Support Diagnostic Tool...

Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild (CVE-2022-30190) On May 30, Microsoft released an advisory for a zero-day in the Microsoft Windows Support Diagnostic T...

paul_jacoby

Connect Contributor III

4 years ago

Detection of the GPO-based mitigations would be VERY helpful -- see https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.ScriptedDiagnostics::ScriptedDiagnosticsExecutionPolicy

For whatever reason Microsoft has documented in it's blog two GPO settings that _DON'T_ work, but ignored the one that does.

It would be ideal if plugin 161691 could see check all of the corresponding reg keys for each mitigation -- (Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics\EnableDiagnostics = 0)

Forum Discussion

Zero Click Zero Day in Microsoft Support Diagnostic Tool...

Recent Discussions

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)

Americas

Europe

Asia / Australia