Microsoft has warned its customers that a vulnerability known as DogWalk, which affects every recent version of Windows and Windows Server, is being actively exploited by attackers.
DogWalk (CVE-2022-34713) is a high-severity vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) that can be exploited to enable remote code execution on vulnerable devices, the company says in a Microsoft Security Response Center (MSRC) update.
There are many such devices; DogWalk affects Windows 7, 8.1, 10, and 11 as well as several versions of Windows Server, Microsoft says in the MSRC update. More than 1.4 billion devices currently run Windows 10 or 11 alone, the company says on its website.
Microsoft does reassure Windows users that “exploitation of the vulnerability requires that a user open a specially crafted file,” which means attackers can’t just force their way onto a vulnerable system, but it’s not particularly hard to get someone to open a malicious file.
“In an email attack scenario,” Microsoft says, “an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.” Or they could upload the malicious file to a website and just wait for someone to download it.
This update has prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add CVE-2022-34713 to its Known Exploited Vulnerabilities catalogue. That means federal agencies have until Aug. 30 to patch their systems against the vulnerability.
That might not seem like a long time, especially since Microsoft released the Windows and Windows Server patches related to DogWalk on Aug. 9 as part of Patch Tuesday. But attackers have known about this flaw in MSDT for at least 2.5 years at this point.
BleepingComputer reports that DogWalk was initially disclosed by a security researcher named Imre Rad in January 2020. Microsoft initially dismissed the report, Rad says, but now it’s finally released a fix and confirmed that attackers have exploited the flaw.