DogWalk, a security flaw in Windows first discovered in January 2020, has finally been fixed, the company has confirmed.
The remote code execution error, which exists due to a path vulnerability in the Windows Support Diagnostic Tool (MSDT), is being patched (opens in new tab) as part of the patch Tuesday of August 2022, Microsoft has said.
The flaw is tracked as CVE-2022-34713 and, if exploited, could give attackers the ability to execute any code on a target endpoint. It was first discovered more than two years ago by a researcher named Imre Rad, but then Microsoft said it wasn’t really a security issue and as such will not be fixed. Fast forward to today, and the flaw has been put back in the spotlight by another researcher named j00sean.
Abusing DogWalk on Windows 11
To exploit DogWalk, the attacker must add a malicious executable file to Windows Startup. That way, malware is downloaded and executed as soon as the system is rebooted. It can be used in low complexity attacks, but with a caveat: the victim must communicate with the system (they must download the malware or run it themselves).
“In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file,” Microsoft said. “In a web-based attack scenario, an attacker could host a website (or use a compromised website that accepts or hosts user-provided content) with a specially crafted file designed to exploit the vulnerability.”
DogWalk can be exploited on all supported versions of Windows, Microsoft confirms, including the latest variants – Windows 11 and Windows Server 2022.
This month’s Patch Tuesday also resolves CVE-2022-30134, a zero-day vulnerability affecting Microsoft Exchange Information Disclosure, allowing threat actors to read targeted email messages. A total of 112 errors were fixed, including 17 that were considered critical.
Through: BleepingComputer (opens in new tab)