Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Windows Security

Microsoft Urges Windows Users To Run Patch For DogWalk Zero-Day Exploit (computerworld.com) 15

joshuark shares a report from Computerworld: Despite previously claiming the DogWalk vulnerability did not constitute a security issue, Microsoft has now released a patch to stop attackers from actively exploiting the vulnerability. [...] The vulnerability, known as CVE-2022-34713 or DogWalk, allows attackers to exploit a weakness in the Windows Microsoft Support Diagnostic Tool (MSDT). By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems. DogWalk affects all Windows versions under support, including the latest client and server releases, Windows 11 and Windows Server 2022.

The vulnerability was first reported in January 2020 but at the time, Microsoft said it didn't consider the exploit to be a security issue. This is the second time in recent months that Microsoft has been forced to change its position on a known exploit, having initially rejected reports that another Windows MSDT zero-day, known as Follina, posed a security threat. A patch for that exploit was released in June's Patch Tuesday update.

This discussion has been archived. No new comments can be posted.

Microsoft Urges Windows Users To Run Patch For DogWalk Zero-Day Exploit

Comments Filter:

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...