Microsoft urges Windows users to run a patch for DogWalk Zero Day Exploit

Microsoft has confirmed that a high-severity, zero-day security vulnerability is being actively exploited by threat actors and is advising all Windows and Windows Server users to apply its latest monthly Patch Tuesday update as soon as possible.

The vulnerability, known as CVE-2022-34713 or DogWalk, allows attackers to exploit a weakness in the Microsoft Windows Support Diagnostic Tool (MSDT). Using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file, ultimately achieving remote code execution on compromised systems.

DogWalk affects all supported versions of Windows, including the latest client and server versions, Windows 11 and Windows Server 2022.

The vulnerability was first reported in January 2020, but at the time Microsoft said it did not consider the exploit to be a security issue. This is the second time in recent months that Microsoft has been forced to change its stance on a known exploit, after initially rejecting reports that another Windows MSDT zero-day, known as Follina, was a security threat. A fix for that exploit was released in the June Patch Tuesday update.

Charl van der Walt, head of security research at Orange Cyberdefense, said that while Microsoft could be criticized for failing to take into account the frequency and ease with which files with seemingly innocent extensions are used to deliver malicious payloads, he also noted that, with several thousand vulnerabilities reported each year, it is to be expected that Microsoft's risk-based triage approach to assessing vulnerabilities is not foolproof.

"If everything is urgent, then nothing is urgent," he said. "The security community has long since stopped believing that vulnerabilities and threats will be eradicated soon, so the challenge now is to develop a kind of agility that can sense changes in the threat landscape and adapt accordingly."

Copyright © 2022 IDG Communications, Inc.