May 28, 2023

Microsoft seems to not have any road map patch a two-year-old directory traversal vulnerability in all versions of Windows that researchers have labelled a zero-day.

Advertisements

The bug was originally reported to Microsoft in January 2020 like the recently discovered “Follina” vulnerability it involves attackers abusing Microsoft diagnostic tools to execute malicious code.

It’s been identified that a flaw in how cabinet (*.cab) files are verified allows attackers to save the file archives to any location on Windows computers. By saving a diagcab file to the Startup folder in Windows, attackers can the run their code the next time a user logs in.

One another time this bug was rediscovered earlier this month, and noted that it bypasses not only Microsoft Defender, but also browser-based file downloader warnings to users.

Named “Dogwalk”, the vulnerability also gets past Microsoft’s Mark of the Web (MOTW) security attributes for files that warn users before opening them.

Advertisements

Security vendor 0patch has released free micropatches for Dogwalk that adds the missing security check, without a Windows reboot required.

At this stage, it is not known if the Dogwalk zero-day has been actively exploited by attackers.

Tags:

Leave a Reply

You may have missed

CrowdStrike strategy dominates MDR Market

CrowdStrike strategy dominates MDR Market

May 28, 2023
TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
Apria Data Breach affects 2 million customers

Apria Data Breach affects 2 million customers

May 27, 2023
CosmicEnergy Malware Shutting Electric grid

CosmicEnergy Malware Shutting Electric grid

May 27, 2023
Operation Magalenha from Brazil

Operation Magalenha from Brazil

May 27, 2023
%d bloggers like this: