Cyber Security

Years after claiming DogWalk wasn’t a vulnerability, Microsoft confirms flaw is being exploited and points patch

Years after claiming DogWalk wasn’t a vulnerability, Microsoft confirms flaw is being exploited and points patch
Written by admin


This week Microsoft lastly launched a patch for a zero-day safety flaw being exploited by hackers, that the corporate had claimed since 2019 was not really a vulnerability.

The volte-face from Microsoft pertains to “DogWalk”, a distant code execution vulnerability within the Microsoft Home windows Help Diagnostic Software (MSDT), affecting all Home windows variations going again so far as Home windows 7 and Server 2008.

Profitable exploitation of DogWalk can see malicious attackers achieve distant code execution on compromised pc techniques.

As a result of excessive severity of the DogWalk vulnerability (technically identified by Microsoft as CVE-2022-34713), all customers of Home windows and Home windows Server are being urged to make sure techniques are correctly up to date as quickly as doable.

Microsoft additionally famous that the vulnerability had been seen being actively exploited.

The DogWalk vulnerability, found by safety researcher Imre Rad on the finish of 2019, was initially downplayed by Microsoft who mentioned that it will not be fixing the bug because it didn’t view it as having happy its standards for being a vulnerability.

When considerations about DogWalk resurfaced in June, an unofficial third-party patch was launched within the absence of any signal that Microsoft might change its stance.

With the discharge of an official patch in Microsoft’s newest month-to-month Patch Tuesday replace there isn’t any want any longer for customers to depend on a third-party repair.

Microsoft safety researcher Johnathan Norman provided an apology for the corporate’s sluggish dealing with of the problem:

We lastly fastened the #DogWalk vulnerability. Sadly this remained a problem for much too lengthy. due to everybody who yelled at us to repair it.

The DogWalk vulnerability is only one of greater than 120 bugs in Microsoft’s code addressed by the August 2022 Patch Tuesday replace.



About the author

admin

Leave a Comment