New exploit threatens Microsoft Office and receives unofficial fixes from the company

new A zero-day vulnerability lurks in the Microsoft Diagnostic Tool (MSDT). By the name of DogWalk, Microsoft is ignoring it because the company believes it does not qualify for immediate service.

At the beginning of June, we already reported on another zero-day vulnerability affecting Microsoft Office and is a problem for all users using Microsoft office programs.

What is happening with this is that attackers are using Word documents that are specifically designed to be the key element when it comes to accessing the Windows Management Shell and therefore executing the lines of code they want, and nothing can stop them.

They took advantage of the vulnerability nicknamed Follina in order to be able to access the Microsoft Diagnostic Tool. With this one on the table, as with DogWlak, Microsoft only offered steps to disable MSDT and no update has been released to completely resolve this situation.

Regarding DogWalk, we know from Neowin that this is a path crossing vulnerability that attackers can use to copy the executable to the windows startup folder when the target opens a malicious .diagcab file (either received via email or downloaded from the Internet).

This vulnerability was first publicly disclosed in 2020 via Twitter, after Microsoft reacted in the same way it is now. However, the bug was recently re-discovered and reported again.

The 0patch micropatch is designed to address this issue. consists of 11 instructions, seemingly simple ones that block the execution of this MSDT file. Like Follina, it’s available for Windows versions, which you can find here.

We also leave you a micropatch download link in the article, which directs you to the official 0patch blog post.

Although Microsoft has said that Outlook users are not at risk because .diagcab files are automatically blocked, researchers and security experts think otherwise.