Microsoft, through a patch released in August 2022, provided users with security updates. These security updates were meant to deal with how the vulnerability in its high-severity “DogWalk” was exploited. In addition to this, around 140 flaws have also been patched.
CVE-2022-34713, popularly known as the DogWalk flaw, is related to the MSDT from Microsoft. The MSDT was abused as a result of zero-day exploits which used code execution that is remote. This allowed the attacked to execute their code on vulnerable systems.
DogWalk Flaw Fixed
DogWalk was originally discovered in the year 2019. Back then, it was not seen as a vulnerability. It was the month of January in 2020 that DogWalk was finally confirmed to be a vulnerability. At this time, Microsoft still didn’t see DogWalk as a threat that was legitimate.
In August 2022, Microsoft confirmed that their DogWalk had been exploited. Just after this, Microsoft also announced that they had overcome their DogWalk vulnerability through the patch released in the same month.
In addition to the DogWalk vulnerability, Microsoft also acknowledged another MSDT that was zero vulnerability. This was Follona. Follina has also been exploited within the wild. Microsoft had not originally seen Follina as a security concern. But they have, through a security advisory that was released in May 2022, announced Follina to be a security concern.
There are still many zero-day vulnerabilities that are being discovered. This is why Microsoft has urged its users to run the DogWalk flaw patch so they can avoid getting embroiled in zero-day exploits.