Tech Gaming Report

Latest Tech & Gaming News

Big attack on Windows: everyone needs this update ASAP

Big attack on Windows: everyone needs this update ASAP

The vulnerability is likely to be the most dangerous. CVE-2022-34713 because not only was it publicly known in advance, but it is also being exploited by attackers. Ironically, the vulnerability is in the Windows Support Diagnostic Tool (MSDT), a tool designed to collect information about problems on the machine and transmit it to Microsoft.

The software is also often used for support requests and covers a wide spectrum from audio and internet to storage and update issues. For the attack to work, users must run a modified .diagcab file used to troubleshoot Windows. Because of this user interaction, Microsoft is only classifying the issue as “important” and not a critical vulnerability.

An executable file is then added to the autostart, which then automatically runs the next time you reboot and can perform any action on the infected computer. For example, the theft of passwords, the forking of any file or the recording of data traffic would be conceivable. According to Microsoft, all current versions of Windows are affected. Therefore, users must react in time and import the provided updates.