Unofficial Patch Released for Fresh 0-day DogWalk Vulnerability
Written by Emma Davis

The 0patch developers have released free, unofficial patches for a new 0-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), which researchers have jokingly called DogWalk.

The new problem is categorized as path traversal, and attackers can use it to copy an executable file to the Windows startup folder when a victim opens a malicious .diagcab file (either received via email or downloaded from the Internet). This way, the embedded executable will automatically run the next time the user restarts Windows.
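The class of bug described above can be shown with a destination-path containment check. This is an added example, not code from MSDT, 0patch or the researchers, and the article does not describe the tool's internals. The staging directory and file names are constructed, and the Startup folder suffix is the standard per-user location.

```python
import ntpath  # Windows path rules, importable on any OS

# Standard per-user Startup folder location, lower-cased for comparison.
STARTUP_SUFFIX = r"\microsoft\windows\start menu\programs\startup"

def resolve_inside(base_dir, entry_name):
    """Return the normalized destination if it stays under base_dir, else None."""
    base = ntpath.normcase(ntpath.normpath(base_dir))
    drive, _ = ntpath.splitdrive(entry_name)
    # Drive-qualified, UNC and rooted names ignore base_dir entirely.
    if drive or entry_name[:1] in ("\\", "/"):
        return None
    dest = ntpath.normcase(ntpath.normpath(ntpath.join(base, entry_name)))
    # Compare with a trailing separator so "base_evil" does not pass as "base".
    if not dest.startswith(base + "\\"):
        return None
    return dest

def audit_entries(base_dir, entry_names):
    """Classify each name as ok, escapes, or escapes-to-startup."""
    report = []
    for name in entry_names:
        if resolve_inside(base_dir, name) is not None:
            report.append((name, "ok"))
            continue
        # Where an unchecked join would have written the file.
        naive = ntpath.normcase(ntpath.normpath(ntpath.join(base_dir, name)))
        hit = ntpath.dirname(naive).endswith(STARTUP_SUFFIX)
        report.append((name, "escapes-to-startup" if hit else "escapes"))
    return report

# Constructed sample data, not taken from any real package.
BASE = r"C:\Users\alice\AppData\Local\Temp\SDIAG_example"
SAMPLE = [
    r"scripts\check.ps1",
    r"..\..\..\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tool.exe",
    r"..\sibling.txt",
    r"C:\Windows\Temp\x.dll",
    r"..\SDIAG_example_evil\a.txt",
]

if __name__ == "__main__":
    for name, verdict in audit_entries(BASE, SAMPLE):
        print(f"{verdict:20} {name}")
```

Any code that copies files named by an untrusted package should apply this kind of check to the final, normalized path rather than to the raw name.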

Back in January 2020, the original vulnerability was discovered and disclosed by information security researcher Imre Rad, but then Microsoft reported that the discovered bug was not a security issue.

Recently, this bug was discovered again, and this time it was reported by an expert known as j00sean.

While Microsoft has said that Outlook users are out of danger because .diagcab files are automatically blocked, researchers and experts say this bug is still a usable attack vector. The fact is that a malicious file can be delivered through another email client or downloaded through a site controlled by an attacker. At the same time, j00sean emphasizes that this vulnerability is not related to the Follina problem.

“Outlook is not the only means of delivery: such a file is easily downloaded by all major browsers, including Microsoft Edge, by simply visiting (!) the site. And it only takes one click (or a random click) in your browser’s download list to open it. The process does not display a warning, unlike downloading and opening other files capable of executing malicious code,” 0patch co-founder Mitya Kolsek explains.

The DogWalk vulnerability is known to affect all versions of Windows, from newer ones (Windows 11 and Server 2022) to Windows 7 and Server 2008.

Unofficial patches from 0patch are available for Windows 11 21H2, Windows 10 (1803 to 21H2), Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 and Windows Server 2022.

A detailed technical analysis of this problem can be found on Kolsek's blog.
