HKCERT Security Advice: Disable URL Protocol of Windows Diagnostic Tool

to Fend off Potential System Hacking

(Hong Kong, 31 May 2022) The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council is urging Windows users to take actions against a severe vulnerability in “Microsoft Support Diagnostic Tool” (MSDT), a built-in helper tool to resolve Windows system issues. It was recently found that with a specially-crafted Word document, hackers could use MSDT to trigger a remote code execution to hack into the systems. Different from the usual Office documents attacks, this time the victims do not need to execute any macro, a task automation function, in Word. The malicious code will be triggered once the user previews or opens the file. Hence, the problem is very serious.

Microsoft has already issued a security vulnerability alert (CVE-2022-30190). Since the security patch is not available yet, HKCERT recommends users to disable the MSDT URL protocol and not to open any suspicious files. Also, please stay tuned to HKCERT website for the latest updates.

The affected Windows systems cover most of the desktop and server versions. For detail and workaround, please refer to the following link:

For information security related incidents, for example, ransomware, phishing, denial of service attack, etc., please report to HKCERT through its online Incident Report Form at For other information security-related questions, please contact HKCERT by email: or call its 24-hour hotline: 8105 6060.



Comments are closed.