Microsoft has announced that it will retire Microsoft Support Diagnostic Tool (MSDT) troubleshooters in future versions of Windows, with MSDT eventually being removed in 2025.

Also known as legacy inbox troubleshooters, these built-in Windows tools are used to automatically diagnose and fix problems affecting certain Windows features.

While the MSDT app that runs them will be retired in 2025, troubleshooters will be killed with the launch of the next version of Windows 11.

After being retired, some MSDT troubleshooters will be redirected to Microsoft’s Get Help platform (starting later this year), while others will be removed.

You can access the Get Help troubleshooters from Windows Settings by going to Start > Settings > System > Troubleshoot > Other troubleshooters and selecting the troubleshooter that would help you solve your problems.

According to Redmond’s estimated impairment schedule, MSDT’s impairment process will occur in stages over the next three years:

  • 2023 – Start redirecting some of the troubleshooters to the new Get Help troubleshooting platform
  • 2024 – Complete troubleshooter redirect and remove rest of troubleshooters
  • 2025 – Removal of the MSDT platform

“If you are using Windows 11 version 22H2 and earlier, Windows 10, Windows 8.1, Windows 7 or any other earlier version of the operating system, your device will not be affected by the removal of MSDT Troubleshooter”, Microsoft added.

This is because legacy inbox troubleshooters will continue to work as expected on earlier versions of the Windows operating system until they are upgraded or updated to the latest version.

This week’s announcement comes after Microsoft temporarily posted a retirement message in the MSDT UI in January 2023.

Microsoft Support Diagnostic Tool (MSDT)
The Microsoft Support Diagnostic Tool (MSDT) (BleepingComputer)

Probably retired due to security concerns

Although Redmond does not explain the reasons for the deprecation of MSDT in future versions of Windows, a possible explanation would be the MSDT vulnerabilities patched by Microsoft in 2022 after being exploited in the wild using zero exploits -day.

Both dog walk (CVE-2022-34713) and the Follina (CVE-2022-30190) allow unauthenticated attackers to achieve remote code execution on unpatched Windows systems in low complexity attacks.

“A remote code execution vulnerability exists when MSDT is invoked using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can execute arbitrary code with the privileges of the calling application”, Microsoft said when describing the Follina bug.

“The attacker can then install programs, view, modify or delete data, or create new accounts within the scope authorized by the user’s rights.”

The US Cybersecurity and Infrastructure Security Agency (CISA) To added the two security flaws in its catalog of known exploited vulnerabilities and ordered federal agencies to fix them as soon as possible to thwart incoming attack attempts.

Source link