Microsoft Patches Zero-Day Actively Exploited in the Wild

Published: 23/11/2024   Category: security




The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.



Microsoft patched 118 vulnerabilities in its software products and components on Aug. 9, including a flaw that attackers have exploited in the wild to run malicious code when users click on a link, according to security experts. 
The patches, part of Microsoft’s regularly scheduled Patch Tuesday, fixed the zero-day vulnerability (CVE-2022-34713) and a second remote code execution (RCE) vulnerability (CVE-2022-35743) in the Microsoft Support Diagnostic Tool (MSDT) that has not yet been exploited.
The MSDT vulnerabilities are a variant of an issue that researchers have called DogWalk, public discussion of which began about 18 months ago, although it has been exploited only recently, Satnam Narang, a staff research engineer at cybersecurity firm Tenable, tells Dark Reading.
The MSDT vulnerabilities give attackers the ability to use the MSDT protocol through a URL contained in a document — such as a Microsoft Office Word file — that, when clicked, will execute code in the security context of the application.
“An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application,” Microsoft stated in its advisory for the previous MSDT exploit. “The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”
Security teams that cannot apply the patch can disable the MSDT URL protocol, update their Microsoft Defender detections, or rely on Protected View and Application Guard for Office to prevent the current attacks.
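As an added example (not from the article, Microsoft or Tenable), here is a triage check for the delivery path described above: it lists the external relationships inside an Office Open XML package and flags any target that uses the MSDT protocol scheme. The scheme name "ms-msdt", the function names and the sample package are assumptions or constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
# Assumption: "ms-msdt" is the URI scheme of the MSDT protocol handler; the
# article names the protocol but not the scheme.
FLAGGED_SCHEMES = {"ms-msdt"}


def external_targets(ooxml_bytes):
    """Yield (part, relationship kind, target) for each external relationship."""
    with zipfile.ZipFile(io.BytesIO(ooxml_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            # Stdlib parser keeps this runnable; a hardened parser such as
            # defusedxml is the better choice for bulk untrusted input.
            for rel in ET.fromstring(zf.read(name)).iter(REL):
                if rel.get("TargetMode") == "External":
                    kind = rel.get("Type", "").rsplit("/", 1)[-1]
                    yield name, kind, rel.get("Target", "")


def flag_msdt_links(ooxml_bytes):
    """Return the external relationships whose target uses a flagged scheme."""
    return [
        (part, kind, target)
        for part, kind, target in external_targets(ooxml_bytes)
        if urlsplit(target.strip()).scheme.lower() in FLAGGED_SCHEMES
    ]


def build_sample(target):
    """Constructed input: a minimal package with one external hyperlink."""
    ns = "http://schemas.openxmlformats.org"
    rels = (
        f'<Relationships xmlns="{ns}/package/2006/relationships">'
        f'<Relationship Id="rId1" TargetMode="External" Target="{target}" '
        f'Type="{ns}/officeDocument/2006/relationships/hyperlink"/>'
        "</Relationships>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()
```

Calling flag_msdt_links() on the bytes of a .docx, .xlsx or .pptx attachment returns an empty list when no relationship uses the flagged scheme; the scheme comparison is case-insensitive.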
The zero-day vulnerability, and a previous one exploited in May, are being used by attackers in phishing campaigns, Narang says.
“[I]t would appear that attackers are looking to take advantage of flaws within MSDT as these types of flaws are extremely valuable to launch spear-phishing attacks,” he says. “We’ve seen flaws ... continue to be exploited years after patches have been made available. Therefore, it is vital that organizations apply the available patches as soon as possible.”
The tranche of updates fixes 17 vulnerabilities rated critical and 101 rated important. Elevation-of-privilege issues dominated the patches, accounting for 64 of the CVEs, while RCE vulnerabilities make up 31 of the 118 security issues fixed in the software updates, according to Tenable’s analysis of the updates. Information-disclosure vulnerabilities account for 12 of the patched vulnerabilities, and denial-of-service issues account for seven vulnerabilities. Another three vulnerabilities allowed security features to be bypassed.
The vulnerabilities — along with another 25 flaws issued by Adobe on the same day and nearly 20 issues released for Microsoft’s Edge browser on Friday — highlight the workload faced by security teams on Patch Tuesday.
“The volume of fixes released this month is markedly higher than what is normally expected in an August release,” Dustin Childs, security communications manager for Trend Micro’s Zero Day Initiative, wrote in a review of the updates released on Patch Tuesday. “It’s almost triple the size of last year’s August release, and it’s the second largest release this year.”
Some companies have reported that Microsoft fixed 121 flaws, rather than 118, but that tally includes three issues in Windows Secure Boot that previously were reported through the CERT Coordination Center and are updates to third-party drivers, according to Tenable’s analysis.
While the MSDT vulnerabilities are the most critical to fix, more than a third of the vulnerabilities fixed by the patches occur in local components of Microsoft Azure, including 34 vulnerabilities in Azure Site Recovery software, eight flaws in the Azure Real Time Operating Systems, and a single vulnerability for Azure Sphere and the Azure Batch Node Agent.
The updates also fix vulnerabilities in the code handling older tunneling protocols, such as Point-to-Point Protocol (PPP) and Secure Socket Tunneling Protocol (SSTP), including four vulnerabilities affecting Windows PPP and nine affecting the SSTP functionality.
“These are older protocols that should be blocked at your perimeter,” Trend Micro’s Childs wrote in the ZDI analysis of the patches. “However, if you’re still using one of these, it’s probably because you need it, so don’t miss these patches.”
Microsoft is not the only company to drop significant monthly patches. Adobe also published updates to fix 25 vulnerabilities in five different products, including Adobe Commerce, Adobe Acrobat and Reader, Adobe Illustrator, Adobe FrameMaker, and Adobe Premiere Elements.
“None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release,” Childs wrote. “Adobe categorizes the majority of these updates as a deployment priority rating of 3, with the Acrobat patch being the lone exception at 2.”
