Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)

The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited (CVE-2022-34713) and one not yet (CVE-2022-30134). Vulnerabilities to prioritize CVE-2022-34713 is a vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) that allows for remote code execution. For an attacker to exploit it, they must trick targets into opening a specially crafted file (delivered via email or downloaded from a … More

The post Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713) appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!