"Dogwalk": Another MSDT Vulnerability Ignored By Microsoft Like Follina Has Obtained An Unofficial Patch

take 4 minutes to read
Home News Main article

Recently, a zero day vulnerability of Microsoft support diagnostic tool (MSDT) called "follina" surfaced. At that time, security researchers discovered the vulnerability, and due to media reports, the news has spread. Microsoft initially apparently ignored this vulnerability as a non security issue (, but later, the company admitted that it was a remote code execution (RCE) vulnerability and assigned it a trace ID cve-2022-30190.

Although Microsoft does not provide an official patch except for the steps to disable MSDT, the 0patch team has released a micro patch, which you can download from the link of its official blog post.

Following follina, another zero day threat first reported two years ago also surfaced. Like follina, this threat was obviously ignored by Microsoft because the company believed that it did not meet the "instant service requirements".

This vulnerability without tracking ID or CVE is named "dogwalk". It is found to be a path traversal vulnerability, and its payload can be placed in the Windows startup folder.

C:\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

This means that the malware will be executed the next time a user logs on to their system. The downloaded diagcab file has a network tag (MOTW), but MSDT ignores this warning and still runs it, making users vulnerable to this potential exploitation.

The micro patch of 0patch consists of 11 simple instructions, which can basically prevent the operation of this MSDT file. Like follina, it applies to the following Windows versions:

Windows 11 21H2

Windows 10 21H2

Windows 10 21H1

Windows 10 20H2

Windows 10 2004

Windows 10 1909

Windows 10 1903

Windows 10 1809

Windows 10 1803

Windows 7

Windows Server 2008 R2

Windows Server 2012

Windows Server 2012 R2

Windows Server 2016

Windows Server 2019

Windows Server 2022

To download the third-party patch, please go to the official blog post of 0patch linked here. You can also find more technical details in the article:

What's The Use Of Finding Amino Acids In Extraterrestrial Life?
« Prev 06-08
IETF Officially Issued Http/3 RFC Document: Quic Mapping Or Accelerating Network Transformation
Next » 06-08