IT Security Guru

Unofficial Security Patch Released For Microsoft Zero-Day Vulnerability

A new unofficial security patch has been released to combat a Microsoft vulnerability dubbed DogWalk

by Guru Writer
June 9, 2022
in Cyber Bites

As the Follina flaw continues to be exploited in the wild, an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Diagnostic Tool (MSDT) has been made available.

Referred to as DogWalk, the issue is a path traversal flaw that can be exploited to stash a malicious executable file in the Windows Startup folder when a potential target opens a specially crafted “.diagcab” archive file that contains a diagnostics configuration file.

The idea is that the payload would get executed the next time the victim restarts the system and logs in. This vulnerability affects all Windows versions, starting from Windows 7 and Server 2008.

The security researcher Imre Rad first disclosed the issue in January 2020 after Microsoft said that it was not a security issue.

Microsoft stated: “There are a number of file types that can execute code in such a way but aren’t technically ‘executables’ and a number of these are considered unsafe for users to download/receive in email, even ‘.diagcab’ is blocked by default in Outlook on the web and other places.”

Typically, all files downloaded and received via email include a Mark-of-the-Web (MOTW) tag that determines their origin and triggers an appropriate security response. According to 0patch’s Mitja Kolsek, the MSDT application is not designed to check this flag, so it allows the .diagcab file to be opened without warning.

Kolsek said, “Outlook is not the only delivery vehicle: such file is cheerfully downloaded by all major browsers including Microsoft Edge by simply visiting(!) a website, and it only takes a single click (or mis-click) in the browser’s downloads list to have it opened.”

“No warning is shown in the process, in contrast to downloading and opening any other known file capable of executing [the] attacker’s code.”
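As an added illustration (not code from 0patch, Microsoft or this article), the two checks the article touches on can be sketched as follows: reading a file's Mark-of-the-Web zone, and rejecting archive entry names that resolve outside the extraction folder. The sample stream text, entry names, folder and blocking policy are constructed assumptions; the article does not describe DogWalk's internals or how the unofficial patch works.

```python
import configparser
import ntpath  # Windows path semantics, usable on any OS

# Zone IDs Windows stores in a file's Zone.Identifier alternate data stream.
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}

def motw_zone(stream_text):
    """Return ZoneId from Zone.Identifier text; None if the file has no tag.
    A tag that is present but unreadable is treated as Internet (fail closed)."""
    if stream_text is None:
        return None
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        cp.read_string(stream_text)
        return cp.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return 3

def escapes(base_dir, entry_name):
    """True if entry_name does not resolve strictly inside base_dir."""
    base = ntpath.normcase(ntpath.normpath(base_dir))
    target = ntpath.normcase(ntpath.normpath(ntpath.join(base, entry_name)))
    return not target.startswith(base + "\\")

def triage_diagcab(stream_text, entry_names, extract_dir=r"C:\Work\diag"):
    """Assumed policy: block if tagged Internet/Restricted or any entry escapes."""
    zone = motw_zone(stream_text)
    untrusted = zone is not None and zone >= 3
    escaping = [n for n in entry_names if escapes(extract_dir, n)]
    return {"zone": ZONES.get(zone, "no MOTW"),
            "untrusted": untrusted,
            "escaping": escaping,
            "block": untrusted or bool(escaping)}

# Constructed sample input (not taken from any real .diagcab file).
SAMPLE_STREAM = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                 "HostUrl=https://downloads.example.test/fix.diagcab\r\n")
SAMPLE_ENTRIES = ["package.xml", "scripts/helper.ps1",
                  r"..\..\outside\dropped.exe"]

if __name__ == "__main__":
    print(triage_diagcab(SAMPLE_STREAM, SAMPLE_ENTRIES))
```

On Windows the stream text can be read from the `Zone.Identifier` alternate data stream of the downloaded file before handing it to `motw_zone`.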

This renewed interest in the zero-day bug follows active exploitation of the “Follina” remote code execution vulnerability using malware-laced Word documents that exploit the “ms-msdt:” protocol URI scheme.

 

 
