Microsoft has warned its customers that a vulnerability known as DogWalk, which affects every recent version of Windows and Windows Server, is being actively exploited by attackers.
DogWalk (CVE-2022-34713) is a high-severity vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) that can be exploited to enable remote code execution on vulnerable devices, the company says in a Microsoft Security Response Center (MSRC) update.
There are many such devices; DogWalk affects Windows 7, 8.1, 10, and 11 as well as several versions of Windows Server, Microsoft says in the MSRC update. More than 1.4 billion devices currently run Windows 10 or 11 alone, the company says on its website.
Microsoft does reassure Windows users that "exploitation of the vulnerability requires that a user open a specially crafted file," which means attackers can't just force their way onto a vulnerable system, but it's not particularly hard to get someone to open a malicious file.
"In an email attack scenario," Microsoft says, "an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file." Or they could upload the malicious file to a website and just wait for someone to download it.
This update has prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add CVE-2022-34713 to its Known Exploited Vulnerabilities catalog. That means federal agencies have until Aug. 30 to patch their systems against the vulnerability.
That might not seem like a long time, especially since Microsoft released the Windows and Windows Server patches related to DogWalk on Aug. 9 as