Urgent Patch for Zero-Day Exploit Released
Though previously claiming that the DogWalk vulnerability did not constitute a security issue, Microsoft has done an about-face and is now urging users to run the Microsoft patch that will stop attackers from actively exploiting the vulnerability.
Microsoft has confirmed that this vulnerability is a high-severity, zero-day security vulnerability that is actively being exploited by malicious threat actors both foreign and domestic.
This threat applies to all Windows and Windows Server users.
The vulnerability is known as CVE-2022-34713, or DogWalk, and is a path traversal flaw. It allows attackers to exploit a weakness that resides in the Windows Microsoft Support Diagnostic Tool (MSDT).
This weakness uses social engineering or phishing attacks to trick users into visiting a fake website or opening a document or file containing malicious code. This allows the attacker onto the system.
Once the attacker gains access to the system, they use the path traversal flaw to plant files in locations within the file system that the MSDT won’t recognize and check for malware, such as the Startup folder. This then allows the malicious code to be executed the next time the user logs in.
As a RHYNO Networks client, with the RHYNO Client installed, your systems were patched as soon as the Microsoft patch became available, and your systems are protected.
You should immediately run the latest Windows update patch on any personal computers you may use or systems that are not on your company network and protected by the RHYNO Client.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648