"CISA Warns of Windows and UnRAR Flaws Exploited in the Wild"

Based on the evidence of active exploitation, the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its list of Known Exploited Vulnerabilities (KEV). One of them has been a zero-day bug in the Windows Support Diagnostic Tool (MSDT) for more than two years, and the exploit code is publicly available. Both security vulnerabilities have a high severity rating and are directory traversal flaws that could allow attackers to plant malware on a target system. The MSDT security flaw called DogWalk allows an attacker to place a malicious executable in the Windows Startup folder. Imre Rad, a researcher, initially reported the issue to Microsoft in January 2020, but his report was misclassified as not describing a security risk and was dismissed as such. This year, security researcher j00sean brought the issue back to public attention by summarizing what an attacker could achieve by exploiting it and providing video proof. Successful exploitation necessitates user interaction, which is easily overcome through social engineering, particularly in email and web-based attacks. This article continues to discuss the two flaws that CISA has added to its KEV catalog.

Bleeping Computer reports "CISA Warns of Windows and UnRAR Flaws Exploited in the Wild"