DogWalk and other vulnerabilities

Microsoft has released patches for more than 140 vulnerabilities, some of which need to be closed as soon as possible.

Editorial Team
August 10, 2022

With this August Patch Tuesday, Microsoft fixed more than a hundred vulnerabilities. Some of them require special attention from corporate cybersecurity personnel. Among them there are 17 critical ones, two of which are zero-days. At least one vulnerability has already been actively exploited in the wild, so it would be wise not to delay patch implementation. It’s no coincidence that the US Cybersecurity and Infrastructure Security Agency recommends paying attention to this update.

DogWalk (aka CVE-2022-34713) — RCE vulnerability in MSDT

The most dangerous of the newly closed vulnerabilities is CVE-2022-34713. It potentially allows remote execution of malicious code (that is, it belongs to the RCE type). CVE-2022-34713, dubbed DogWalk, is a vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), like Follina, which caused a stir in May of this year.

The problem lies in how the system handles Cabinet (.cab) archives. To exploit the vulnerability, an attacker needs to lure the user into opening a malicious file that saves the .diagcab archive to the Windows Startup folder, so that its contents are executed the next time the user restarts their computer and logs in.

DogWalk was actually discovered two years ago, but at the time the system developers for some reason didn’t pay enough attention to the problem. Now the vulnerability is fixed, but Microsoft has already detected its exploitation.

Other vulnerabilities to watch out for

The second zero-day vulnerability closed last Tuesday is CVE-2022-30134. It’s contained in Microsoft Exchange. Information about it was published before Microsoft was able to create the patch, but so far this vulnerability has not been exploited in the wild.
Theoretically, if an attacker manages to use CVE-2022-30134, they will be able to read the victim’s email correspondence. This is not the only flaw in Exchange that was fixed by the new patch. It also closes the CVE-2022-24516, CVE-2022-21980 and CVE-2022-24477 vulnerabilities, which allow attackers to elevate their privileges.

In terms of CVSS rating, two related vulnerabilities lead the pack: CVE-2022-30133 and CVE-2022-35744. Both are found in the Point-to-Point Protocol (PPP). Both allow attackers to send requests to the remote access server, which can lead to the execution of malicious code on the machine. And both have the same CVSS score: 9.8.

For those who for some reason cannot immediately install patches, Microsoft recommends closing port 1723 (the vulnerabilities can only be exploited through it). However, be aware that this may disrupt the stability of communications on your network.

How to stay safe

We advise installing the fresh Microsoft updates as soon as possible, and don’t forget to check all the information in the FAQs, Mitigations, and Workarounds section of the update guide that’s relevant to your infrastructure.

In addition, it should be remembered that all computers in the company with internet access (whether they’re workstations or servers) must be equipped with a reliable cybersecurity solution capable of protecting them against exploitation of as-yet-undetected vulnerabilities.
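
The DogWalk description above suggests a simple hunting rule for defenders: watch for files created in a Windows Startup folder. The following is an added example, not code from the original article or from Microsoft. The events are constructed, with field names modelled on Sysmon Event ID 11 (FileCreate), and treating msdt.exe as the high-priority writer is an assumption of this example.

```python
import ntpath

# Startup folder locations (lowercase): per-user and all-users.
STARTUP_DIRS = (
    r"\appdata\roaming\microsoft\windows\start menu\programs\startup",
    r"\programdata\microsoft\windows\start menu\programs\startup",
)

def in_startup_folder(path):
    """Return True if a Windows path points inside a Startup folder."""
    norm = ntpath.normpath(path.replace("/", "\\")).lower()
    return any(d + "\\" in norm for d in STARTUP_DIRS)

def classify(event):
    """Return None, 'review' or 'high' for one file-creation event."""
    if not in_startup_folder(event["TargetFilename"]):
        return None
    writer = ntpath.basename(event["Image"]).lower()
    # Assumption of this example: MSDT has no routine reason to write here.
    return "high" if writer == "msdt.exe" else "review"

def triage(events):
    """Return flagged events as (severity, UtcTime, Image, TargetFilename)."""
    hits = []
    for ev in events:
        sev = classify(ev)
        if sev:
            hits.append((sev, ev["UtcTime"], ev["Image"], ev["TargetFilename"]))
    return sorted(hits)  # 'high' sorts before 'review', then by time

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"UtcTime": "2022-08-10 09:14:02.114", "Image": r"C:\Windows\System32\msdt.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows"
                       r"\Start Menu\Programs\Startup\helper.exe"},
    {"UtcTime": "2022-08-10 09:20:45.003", "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": "C:/Users/bob/AppData/Roaming/Microsoft/Windows"
                       "/Start Menu/Programs/Startup/Notes.lnk"},
    {"UtcTime": "2022-08-10 09:31:17.800", "Image": r"C:\Windows\System32\msdt.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Temp\report.cab"},
    {"UtcTime": "2022-08-10 10:02:11.530", "Image": r"C:\Temp\setup.exe",
     "TargetFilename": r"C:\ProgramData\Microsoft\Windows"
                       r"\Start Menu\Programs\StartUp\agent.lnk"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(*hit, sep=" | ")
```

Entries marked "review" still need a baseline of legitimate Startup items in your environment before they are useful as alerts.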