Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited and one publicly known but not yet exploited.
CVE-2022-34713 is a vulnerability in Microsoft Windows Support Diagnostic Tool that allows for remote code execution.
"Anything actively exploited in the wild must be at the top of the list of things to patch. This one is related to a wave of attacks in May when malicious documents were used to gain code execution via the MSDT tool," noted Kevin Breen, Director of Cyber Threat Research at Immersive Labs.
"We've seen flaws like CVE-2017-11882, a remote code execution bug in Microsoft Office, continue to be exploited years after patches have been made available. For attackers, bugs that can be executed via malicious documents remain a valuable tool, so flaws like Follina and CVE-2022-34713 will continue to be used for months. Therefore, it is vital that organizations apply the available patches as soon as possible."
CVE-2022-30134 is a publicly known information disclosure vulnerability that affects Microsoft Exchange and could be exploited by attackers to read targeted email messages, but it's not under attack at the moment.
"Rarely are elevation of privilege bugs rated Critical, but these certainly qualify. These bugs could allow an authenticated attacker to take over the mailboxes of all Exchange users. They could then read and send emails or download attachments from any mailbox on the Exchange server. Administrators will also need to enable Extended Protection to fully address these vulnerabilities," noted Dustin Childs, with Trend Micro's Zero Day Initiative.
News URL
https://www.helpnetsecurity.com/2022/08/09/cve-2022-34713/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-09 | CVE-2022-34713 | Unspecified vulnerability in Microsoft products: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | 0.0 |
2022-08-09 | CVE-2022-30134 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019: Microsoft Exchange Server Information Disclosure Vulnerability | 0.0 |
2017-11-15 | CVE-2017-11882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office: Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". | 7.8 |