I read about „CVE-2022-30190 Microsoft Windows Support Diagnostic Tool (MSDT)„ Problem and I would like to know if there is any support from Watchguard/Panda for this case.
I just read the Sophos article about this incident. Apparently, they have already deposited a detection for their security products. I am absolutely sure that Watchguard/Panda are already working hard on detection and blocking capabilities. Can you give a short status anyway?
Article from Sophoshttps://news.sophos.com/en-us/2022/05/30/malicious-word-doc-taps-previously-unknown-microsoft-office-vulnerability/
Yes, you are right. Panda/Watchguard EPP/EDR/EPDR are able to detect and block CVE-2022-30190 Microsoft Windows Support Diagnostic Tool (MSDT).
We are working to create a KB explaining how our products detects and block it.
Great news! Thanks a lot for your support!
Is there detection for CVE-2022-30190 on M300 firewalls?
I now see the KB entries:
Watchguard KB Article ID :000022644https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000JwpKSAS&lang=en_US
Panda KB Help nº- 20220602 100079 ENhttps://pandasecurity.com/en/support/card?id=100079