Microsoft patches critical vulenerblity in Windows Support Diagnostic Tool

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities (KEVs), based on evidence of active exploitation.

One of them has spent more than two years as a Zero-Day bug in the Windows Support Diagnostic Tool (MSDT) and has publicly available exploit code.

Both of these security issues have received a high severity score and are vulnerabilities that could help attackers plant malware on a targeted system.

Windows DogWalk vulnerability

Registered as CVE-2022-34713 and informally known as DogWalk (similar to Follina), the security flaw in MSDT allows an attacker to place a malicious executable in the Windows startup folder.

The issue was initially reported to Microsoft by researcher Imre Rad in January 2020, but his report was misclassified as not describing a security risk and dismissed as such.

The issue was brought back to public attention this year by security researcher j00sean, who summarized what an attacker could accomplish by exploiting it and provided video proof:

Successful exploitation requires user interaction, an easy hurdle to overcome via social engineering, especially in email and web-based attacks, Microsoft says in its advisory. “In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.”

In a web-based attack scenario, an attacker could host a website (or exploit a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that could exploit the vulnerability. Microsoft addressed CVE-2022-34713 on Tuesday as part of the August 2022 security updates for Windows. The company notes that the problem has already been exploited in attacks.