In-article:

Major Windows attack possible: you must act now


The CVE-2022-34713 vulnerability is probably the most dangerous because it was not only publicly known in advance, but is also being exploited by attackers. Ironically, the vulnerability is in the Windows Support Diagnostic Tool (MSDT), a tool designed to collect information about problems on the machine and transmit it to Microsoft.

The software is also often used for support requests and covers a wide spectrum, from audio and internet to storage and update problems. For the attack to work, users must run a modified .diagcab file used for Windows troubleshooting. Because of this user interaction, Microsoft only classifies the problem as “important” and not as a critical vulnerability.

An executable file is then added to the autostart, which then runs automatically the next time you reboot and can carry out any actions on the infected computer. For example, password theft, branching off of any files or recording of data traffic would be conceivable. According to Microsoft, all current Windows versions are affected. Users should therefore react in good time and import the updates provided.



Source link -61