Security Experts:

Connect with us

Hi, what are you looking for?



Already Exploited Zero-Day Headlines Microsoft Patch Tuesday

Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system.

Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system.

The vulnerability, tracked as CVE-2022-34713, affects the Microsoft Windows Support Diagnostic Tool (MSDT) and has been exploited by attackers tricking users into opening or interacting with specially crafted files.

Redmond confirmed pre-patch exploitation of the issue and acknowledged it is a variant of Dogwalk, a different security flaw that was publicly discussed in June this year.

Microsoft has struggled over the last year with security problems in the diagnostics tool. In May, the company’s security response team issued public guidance on the ongoing issues and the company believes there is an increase in hacker eyeballs looking for defects in the MSDT utility.

[ READ: Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader ]

The CVE-2022-34713 headlines a massive Microsoft Patch Tuesday that provides cover for at least 120 documented flaws in Windows and operating system components.

According to Zero Day Initiative, a company that closely tracks software flaw warnings, this is in addition to the 17 CVEs patched in Microsoft Edge (Chromium-based) and three patches related to secure boot from CERT/CC. That brings the total number of CVEs to 141.

Of the 121 new vulnerabilities patched in this monthly batch, 17 are rated ‘critical’ and 102 are rated ‘important’. In addition to the zero-day under attack, Microsoft listed two of these vulnerabilities as publicly known.

Security experts are urging Windows fleet administrators to pay special attention to three of the bulletins that carry CVSS 9.8/10 severity scores. These include CVE-2022-30133 and CVE-2022-35744 that fix RCE problems in the Windows Point-to-Point Protocol (PPP); and CVE-2022-34691 that addresses a major privilege escalation issue in Active Directory Domain Services.

Related: Adobe Patch Tuesday: Code Execution Flaws in Acrobat, Reader

Related: Microsoft Publishes Office Symbols to Improve Bug Hunting

Related: ICS Patch Tuesday: Siemens, Schneider Electric Fix Only 11 Vulnerabilities

Related: Black Hat 2022: Ten Presentations Worth Your Time and Attention

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.


GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet