• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
microsoft patches ‘dogwalk’ zero day and 17 critical flaws

Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

You are here: Home / Latest Cyber Security Vulnerabilities / Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws
August 10, 2022

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and a person zero-working day bug exploited in the wild.

Microsoft is urging end users to patch a zero-working day vulnerability dubbed Dogwalk that is actively currently being exploited in the wild. The bug (CVE-2022-34713) is tied to a Microsoft Windows Support Diagnostic Software and permits a distant attacker to execute code on a vulnerable process.

The warning is portion of a massive August Patch Tuesday update that incorporated 121 flaws, 17 of which were critical and 101 carrying a Typical Vulnerability Scoring Procedure rating of Essential.Infosec Insiders Newsletter

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“The volume of fixes released this month is markedly larger than what is normally anticipated in an August release. It’s virtually triple the size of final year’s August release, and it’s the next most significant launch this year,” wrote Dustin Childs, Zero Working day Initiative supervisor, in a Tuesday site submit.

Dogwalk Flaw Was In excess of Two-A long time Aged

The actively exploited Dogwalk bug was first reported to Microsoft in January 2020 by researcher Imre Rad. Nevertheless, it wasn’t until a individual researchers started tracking the exploitation of a flaw dubbed Follina (CVE-2022-30190) that the Dogwalk bug was rediscovered. That renewed interest in Dogwalk appears to have inspired Microsoft to insert the patch to this month’s round of fixes, in accordance to a Tenable Patch Tuesday roundup report.

Microsoft states that CVE-2022-34713 is a “variant of” Dogwalk, but distinct. Microsoft scored the vulnerability as Crucial and warns that the exploitation of the bug can only be preformed by an adversary with actual physical obtain to a vulnerable personal computer. Nevertheless, researchers at Zero Working day Initiative outline how a distant attack may well arise.

“There is an aspect of social engineering to this as a danger actor would need to encourage a user to click on a backlink or open up a document,” Childs wrote.

Microsoft describes a probable attack as obtaining a small complexity price, which means it can be exploited effortlessly and necessitates no progress procedure privileges to execute.

“This bug also lets code execution when MSDT is termed utilizing the URL protocol from a contacting application, commonly Microsoft Word,” Childs wrote. “It’s not obvious if this vulnerability is the result of a failed patch or something new,” he included.

17 Critical Flaws

The most severe of the vulnerabilities patched on Tuesday include a trio of elevation of privilege vulnerabilities opening situations of Microsoft Exchange Server to attack. Microsoft has unveiled a independent notify page for this flaw to aid mitigate the flaws.

“All 3 vulnerabilities involve authentication and consumer interaction to exploit — an attacker would want to entice a focus on to take a look at a specially crafted Trade server, very likely through phishing,” wrote Tenable about the Trade Server bugs.

Again in the Patch Tuesday spotlight is a critical flaw (CVE-2022-35804) in Microsoft’s Server Message Block (SMB) client and server functioning on Windows 11 programs employing Microsoft SMB 3.1.1 (SMBv3), in accordance to the enterprise. Microsoft categorized the bug as “Exploitation More Likely” and assigned an 8.8 severity score to the flaw.

The flaw only affects Windows 11, which Zero Working day Initiative explained, “implies some new features released this vulnerability.” Scientists there stated the SMB flaw could perhaps be wormable concerning influenced Windows 11 programs only when SMB server is enabled.

“Disabling SMBv3 compression is a workaround for this bug, but implementing the update is the very best technique to remediate the vulnerability,” wrote Childs.

Rated among 8.5 to 9.8 in severity, Microsoft patched a remote code execution flaw (CVE-2022-34715) in its Windows Network File Program. This is the fourth thirty day period in a row that Microsoft has deployed a critical NFS code execution patch. Interestingly, Microsoft describes the flaw as Significant, when scientists warn the bug is Critical and should be a precedence patch.

“To exploit this, a distant, unauthenticated attacker would will need to make a specially crafted call to an afflicted NFS server. This would give the risk actor with code execution at elevated privileges. Microsoft lists this as Essential severity, but if you are using NFS, I would treat it as Critical. Unquestionably test and deploy this correct promptly,” advises Zero Working day Initiative.

In relevant news, Adobe patched 25 CVEs on Tuesday tackling bugs in Adobe Acrobat and Reader, Commerce, Illustrator, FrameMaker and Adobe Leading Things.


Some parts of this posting are sourced from:
threatpost.com

Previous Post: «dogwalk rce variant among 121 vulnerabilities fixed in microsoft's august Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft’s August Patch Tuesday
Next Post: Experts Uncover Details on Maui Ransomware Attack by North Korean Hackers experts uncover details on maui ransomware attack by north korean»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.