Sign In with your
Trend Micro Account

若您需要技術支援,請 按此建立案件。

SECURITY ALERT: Microsoft Windows Support Diagnostic Tool (MSDT) "DogWalk" Remote Code Execution Vulnerability (CVE-2022-34713)

    • 更新於:
    • 15 Aug 2022
    • 產品/版本:
    • 作業系統:
Microsoft issued a new security bulletin as part of August 2022's regular Patch Tuesday releases for Microsoft Windows regarding a 0-Day remote code execution (RCE) vulnerability in the Windows Support Diagnostic Tool (MSDT). This vulnerability has been designated as CVE-2022-34713 and has been reported to have been exploited in-the-wild (ITW).

Protection Against Exploitation

First and foremost, it is always highly recommended that users apply the vendor's patches when they become available. Please see the official advisory for more information and the official fixes that are now available through the regular Patch Tuesday process for Windows.

In addition, Trend Micro has released some detection/protection filters, rules and patterns as another layer of protection to help customers protect against potential exploitation of this vulnerability:

Trend Micro Cloud One - Network Security & TippingPoint ThreatDV Malware Protection Filters
  • Filter 41635: HTTP: Suspicious WebDAV PROPFIND Response

Trend Micro Cloud One - Workload Security, Deep Security & Vulnerability Protection IPS Rules
  • Rule 1011511: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) (CVE-2022-34713)

Trend Micro Malware Detection Patterns (VSAPI, Predictive Learning, Behavioral Monitoring and WRS) for Endpoint, Servers, Mail & Gateway (e.g. Apex One, Worry-Free Business Security Services, Worry-Free Business Security Standard/Advanced, Deep Security w/Anti-malware, etc.)

Trend Micro also has protection against known components used in exploits against this vulnerability in the form of the pattern detections:
  • Trojan.XML.CVE202234713.A
  • PUA.W97M.CVE202234713.A

This article will be updated as more information becomes available.
Remove a Malware / Virus



若您需要協助,請聯繫對應的技術支援窗口. 聯絡我們

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.