CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application. Vendor/Product: Microsoft Windows. Added to CISA KEV 2022-06-14; required action: Apply updates per vendor instructions.