Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it

Moreover, the code that exploits this vulnerability is now publicly available on the internet and hackers are abusing it in attacks.

The patch is part of the August 2022 Patch Tuesday update. The vulnerability is tracked under the code CVE-2022-34713 and is nicknamed DogWalk.

CVE-2022-34713 comes from a path traversal weakness in the Windows Support Diagnostic Tool (MSDT). Hackers can exploit this weakness to remotely execute code on compromised systems.

They can do that by adding manually created malicious executable files to Windows Startup when the victim opens a malicious .diagcab file (received via email or downloaded from the website).

The installed executables will then automatically execute the next time the victim opens the Windows machine. They will perform different tasks, such as downloading additional malicious payloads.

It's worth noting that DogWalk is not a new vulnerability. Security researcher Imre Rad made it public over 2 years ago, January 2020. The decision to make the DogWalk vulnerability public comes after Microsoft responded to Rad's report that it would not release a patch because it was not a security issue.

However, recently the vulnerability in Microsoft Support Diagnostics Tool was rediscovered by researcher j00sean and attracted public attention. Therefore, Microsoft was forced to release a patch.

According to Microsoft, this vulnerability affects all supported versions of Windows, including the latest versions of Windows 11 and Windows Server 2022.

To fix the DogWalk vulnerability, users need to install the August 2022 Patch Tuesday update that has just been released.

Samuel Daniel

Update 17 September 2022