Affected Systems: Windows 10 and 11
Description:
Microsoft’s August 2022 security update includes patches for two zero-day vulnerabilities, one of which has been seen exploited in the wild.
The actively exploited vulnerability, known as ‘DogWalk’ and tracked by Microsoft as CVE-2022-34713, allows for attackers to execute code remotely by copying an executable file into the Windows Startup Folder. The attack is started when a victim opens a malicious .diagcab file, which is typically received via phishing email or downloaded from the internet. This vulnerability has a high CVSS severity score of 7.8.
The second zero-day vulnerability patched is tracked as CVE-2022-30134 and also has a high CVSS severity score of 7.6. This vulnerability allows attackers to read targeted email messages but has not yet been detected as being exploited in the wild.
The update fixes 121 vulnerabilities in total, including those that allow for bypassing security features, privilege elevation, and remote code execution. 17 of the vulnerabilities fixed are classed as critical.
More technical details about this security update can be found here. Additionally, BleepingComputer has created a full list of vulnerabilities patched in this update.
Preventions:
To mitigate the risk of these new vulnerabilities, update all windows systems with this security patch as soon as possible. Attackers will often look to exploit zero-day vulnerabilities as soon as they are publicly identified, so ensuring all work devices are updated as soon as possible can help reduce the risk of becoming victim to an attack.
As this update is mandatory, most Windows 10 and 11 systems should automatically update. However, if you wish to update manually you can do so by going to the Windows Update section within Settings and clicking on ‘Check for Updates’.
Related Links:
https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2022-patch-tuesday-fixes-exploited-zero-day-121-flaws/ – Posted August 9th
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5016616-and-kb5016623-updates-released/ – Posted August 9th
https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug – Posted August 9th
Businesses and organisations relying on Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls are being advised to take immediate action to protect…
A recent cyber attack has resulted in a serious data breach affecting the World-Check database, a critical tool used by financial institutions and other organisations…
WhatsApp, the popular messaging service owned by Meta, has become a prime target for fraudsters. A recent scam involves the manipulation of the WhatsApp’s verification…
