Back

Microsoft Addresses DogWalk Vulnerability in MSDT with Patch

Severity: Medium (Score: 57.9)

Sources: Trendmicro

Summary

Microsoft has released a patch for CVE-2022-34713, known as DogWalk, a vulnerability affecting the Microsoft Support Diagnostic Tool (MSDT). Initially reported in 2019, the vulnerability was reevaluated as a significant threat in August 2022 due to its exploitation in attacks involving the Follina vulnerability. DogWalk is a path traversal flaw that allows malicious executables to be placed in the Windows Startup folder via specially crafted '.diagcab' files. This vulnerability impacts all Windows versions from Windows 7 and Server 2008 onward. Although no real-world attacks exploiting DogWalk have been reported, a proof-of-concept (PoC) was available since 2019. Microsoft has implemented measures to block '.diagcab' files in Outlook and other applications to mitigate risks. Users are advised to remain vigilant against social engineering tactics that could exploit this vulnerability. Key Points: • CVE-2022-34713, known as DogWalk, affects all Windows versions from 7 and Server 2008 onward. • The vulnerability allows malicious files to be executed via specially crafted '.diagcab' files. • Microsoft has issued a patch and blocked '.diagcab' files in Outlook to enhance security.

Key Entities

  • Malware (attack_type)
  • Phishing (attack_type)
  • Zero-day Exploit (attack_type)
  • CVE-2022-34713 (cve)
  • T1071 - Application Layer Protocol (mitre_attack)
  • T1547.001 - Registry Run Keys / Startup Folder (mitre_attack)
  • T1547 - Boot Or Logon Autostart Execution (mitre_attack)
  • T1566.001 - Spearphishing Attachment (mitre_attack)
  • Outlook (company)
  • Windows (platform)
  • MSDT (tool)
  • DogWalk (vulnerability)
  • Follina (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed