Researchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild.
The issue — referenced as DogWalk — relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a specially crafted “.diagcab” archive file that contains a diagnostics configuration file.
The idea is that the payload would get executed the next time the victim logs in to the system after a restart. The vulnerability affects all Windows versions, starting from Windows 7 and Server Server 2008 to the latest releases.
DogWalk was originally disclosed by security researcher Imre Rad in January 2020 after Microsoft, having acknowledged the problem, deemed it as not a security issue.
“There are a number of file types that can execute code in such a way but aren’t technically ‘executables,'” the tech giant said at the time. “And a number of these are considered unsafe for users to download/receive in email, even ‘.diagcab’ is blocked by default in Outlook on the web and other places.”
Zero-Day Vulnerability Explained
Source: TheHackerNews