Skip to content
WIndows Defender has partial detection for CVE-2022-30190

WIndows Defender has partial detection for CVE-2022-30190

CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

Microsoft has now revealed the CVE identifier for this vulnerability is CVE-2022-30190, including a Security Update and article with guidance, but no patch looks to be available currently . This guidance comes directly from Microsoft (Here: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/) which suggests that Defender for Endpoint has a new signature in version 1.367.719.0 (or newer) which should provide partial detection. I can see from the Windows Defender for Automate plugin that the latest version we are deploying at present is 1.367.746.0 

If using Microsoft Defender, There are several suggestions to enable the following attack surface rules, URL to get to the settings: https://security.microsoft.com/search/recommendation?q=Attack%20Surface. 

Having a plugin in Automate that manages Windows Defender really helped us verify fast that the latest updates have been received by agents. We were able to use the plugin to push updates out to several agents that had not updates to that version without any issues.

What to learn more about Windows Defender for Automate visit Plugins4Automate Defender for Automate plugin

 

Older Post
Newer Post
Close (esc)

Popup

Use this popup to embed a mailing list sign up form. Alternatively use it as a simple call to action with a link to a product or a page.

Set your hostname screen

Is your Automate Hostname Filled Out?

Before purchasing any subscriptions you should verify your account settings for your Automate hostname. The hostname is used to validate licenses and without it you will show expired after purchase.

Search

Shopping Cart

Your cart is currently empty.
Shop now