Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Already Exploited Zero-Day Headlines Microsoft Patch Tuesday

Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system.

Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system.

The vulnerability, tracked as CVE-2022-34713, affects the Microsoft Windows Support Diagnostic Tool (MSDT) and has been exploited by attackers tricking users into opening or interacting with specially crafted files.

Redmond confirmed pre-patch exploitation of the issue and acknowledged it is a variant of Dogwalk, a different security flaw that was publicly discussed in June this year.

Microsoft has struggled over the last year with security problems in the diagnostics tool. In May, the company’s security response team issued public guidance on the ongoing issues and the company believes there is an increase in hacker eyeballs looking for defects in the MSDT utility.

[ READ: Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader ]

The CVE-2022-34713 headlines a massive Microsoft Patch Tuesday that provides cover for at least 120 documented flaws in Windows and operating system components.

According to Zero Day Initiative, a company that closely tracks software flaw warnings, this is in addition to the 17 CVEs patched in Microsoft Edge (Chromium-based) and three patches related to secure boot from CERT/CC. That brings the total number of CVEs to 141.

Of the 121 new vulnerabilities patched in this monthly batch, 17 are rated ‘critical’ and 102 are rated ‘important’. In addition to the zero-day under attack, Microsoft listed two of these vulnerabilities as publicly known.

Advertisement. Scroll to continue reading.

Security experts are urging Windows fleet administrators to pay special attention to three of the bulletins that carry CVSS 9.8/10 severity scores. These include CVE-2022-30133 and CVE-2022-35744 that fix RCE problems in the Windows Point-to-Point Protocol (PPP); and CVE-2022-34691 that addresses a major privilege escalation issue in Active Directory Domain Services.

Related: Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader

Related: Microsoft Publishes Office Symbols to Improve Bug Hunting

Related: ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities

Related: Black Hat 2022: Ten Presentations Worth Your Time and Attention

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.