Malicious Office documents designed to exploit the flaw can be triggered in multiple ways, including via a hover-preview in Windows Explorer, security firm Huntress warns. The vulnerability “uses Word’s external link to load the HTML and then uses the’ms-msdt’ scheme to execute PowerShell code” Microsoft on Monday confirmed the flaw and designated it CVE-2022-30190. The exploit chain allows an attacker to use MSDT to execute arbitrary PowerShell code on a system, which they can use to download and execute malicious code.”]
Source: https://www.databreachtoday.com/microsoft-office-attackers-injecting-code-via-zero-day-bug-a-19169