CySecurity News – Latest Information Security and Hacking Incidents
Today, the 0patch platform has released free unofficial patches for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT).
The security flaw tracked as ‘Dogwalk’ is a path traversal flaw that can exploit to copy an executable to the Windows Startup folder when the victim opens a maliciously crafted .diagcab file (received via email or downloaded from the web).
“The vulnerability lies in the Microsoft Diagnostic Tool’s sdiageng.dll library, which takes the attacker-supplied folder path from the package configuration XML file inside the diagcab archive, and copies all files from that folder to a local temporary folder…” 0patch told in a post0.
“…During this process, it enumerates files in the attacker’s folder, gets the file name for each of them, then glues together the local temporary path and that file name to generate the local path on the computer where the file is to be created..”
As per the technical data, this flaw was first publicly discovered by security researcher Imre Rad in January 2020, however, Microsoft denied launching patches for the vulnerability because it was not a security issue, according to Microsoft.
However, recently, the bug was re-discovered by security researcher j00sean. Following the same issue, Microsoft reported that the Outlook users are safe because .diagcab automatically will block.
Until Microsoft comes with official security patches for this zero-day bug, the 0patch micro patching service has already launched unofficial and free downloaded patches for most affected Windows vers
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: