Microsoft confirms 0-day on Windows 10, 11 and Server

Microsoft released its monthly “Patch Tuesday” update for August and confirmed that a zero-day vulnerability, tracked as CVE-2022-34713 and also known as DogWalk, is being actively exploited. The vulnerability affects all currently supported versions of Windows and Windows Server.

The bug is in the Windows Support Diagnostic Tool (MSDT). It is a high-risk remote code execution vulnerability, and exploiting it can lead to complete system compromise.

This is also not the first time that MSDT or DogWalk has been exploited. DogWalk was first leaked in January 2020 by security researcher Imre Rad, but Microsoft did not consider it a security issue at the time. It was highlighted again by Twitter user J00sean, who tweeted a full overview of the exploit.

Apart from DogWalk, Microsoft’s August security update covers 120 other vulnerabilities, of which 17 are rated critical, 102 important, one moderate and one low. DogWalk, which is already being exploited, is one of the two bugs marked as publicly known. It’s the second-largest Patch Tuesday release this year and almost three times the size of last year’s August update.

Microsoft notes that the exploit requires the user to open a maliciously crafted file, which means the attacker must run a social engineering or phishing campaign to get the target to open a malicious document or visit a compromised site. The vulnerability can be exploited in two ways:

  • By email: An attacker can trick the user into opening a maliciously crafted site sent via email.
  • Web-based attack: An attacker can host a website or use a compromised website that accepts or hosts user-provided content to host and distribute the malicious file.

The vulnerability has been added to CISA’s list of known exploited vulnerabilities, and federal agencies have been ordered to patch it by the end of the month. We recommend Windows users do the same.
