Windows

Microsoft Investigates Bug That Mistakenly Flags Chromium-Based Apps as Malware (windowscentral.com) 44

Windows' "Defender" software is supposed to detect malware. But its Microsoft team is now investigating reports that it's mistakenly flagging Electron-based or Chromium-based applications as malware.

"It's a false positive, and your computer is OK," writes the blog Windows Central: This morning, many people worldwide experienced Microsoft Defender warning them of a recurring virus threat.... People on Reddit are "freaking out" over not just a reported threat from Microsoft Defender but one that keeps popping up and recurring despite the alleged threat being blocked.

The threat is revealed in a pop-up message noting that "Behavior:Win32/Hive.ZY" has been detected and is listed as "severe." However, after taking action to rectify the issue, it does not go away, and the user will keep receiving the same prompt. The reminder may return after 20 seconds, with the cycle repeating endlessly.

This detection appears to be a false positive, according to a Microsoft Support forum... From DaveM121, an Independent Advisor: [I]t is a bug currently being reported by hundreds of people at the moment, it seems to be related to all Chromium based web browsers and Electron based apps like Whatsapp, Discord, Spotify, etc....

Also affected are Google Chrome and even Microsoft Edge, as well as "anything that runs Visual Studio Code," according to the article.

"The problem seems to originate from Defender's Definition/Update Version 1.373.1508.0, meaning Microsoft needs to update that file, and the issue should be resolved."
Wine

Wine 7.16 Brings Fixes for Saint's Row, Metal Gear, and Star Citizen (neowin.net) 28

It's the 29-year-old "compatibility layer" that lets Windows software run on Unix-like systems (including games). And Neowin reports that Wine's latest version has "meaningful fixes" for Steam Deck, HoloISO, and Chimera OS gamers.

Slashdot reader segaboy81 writes: Saint's Row players rejoice! Wine 7.16 has been released and ships with fixes for this, Metal Gear Solid and Star Citizen. [As well as Ragnarok Online.] Though Deck owners may have to wait for these changes to be merged upstream.
"There are a lot of fixes for other non-gaming Windows-y stuff," Neowin adds, "and you can check out those changes at WineHQ."
Crime

Attacks on Linux Servers Rose 75% Over Last Year, Warn Security Researchers (zdnet.com) 70

"There's been a big rise in ransomware attacks targeting Linux," reports ZDNet, "as cyber criminals look to expand their options and exploit an operating system that is often overlooked when businesses think about security." According to analysis by cybersecurity researchers at Trend Micro, Linux servers are "increasingly coming under fire" from ransomware attacks, with detections up by 75% over the course of the last year as cyber criminals look to expand their attacks beyond Windows operating systems.

Linux powers important enterprise IT infrastructure including servers, which makes it an attractive target for ransomware gangs — particularly when a perceived lack of threat to Linux systems compared with Windows means that cybersecurity teams might choose to focus on defending Windows networks against cybercrime. Researchers note that ransomware groups are increasingly tailoring their attacks to focus specifically on Linux systems. For example, LockBit is one of the most prolific and successful ransomware operations of recent times and now offers the option of a Linux-based variant that is designed to target Linux systems and has been used to conduct attacks in the wild....

And it isn't just ransomware groups that are increasingly turning their attentions towards Linux — according to Trend Micro, there's been a 145% increase in Linux-based cryptocurrency-mining malware attacks, where cyber criminals secretly exploit the power of infected computers and servers to mine for cryptocurrency for themselves. One of the ways cyber criminals are compromising Linux systems is by exploiting unpatched vulnerabilities. According to the report, these flaws include CVE-2022-0847 — also known as Dirty Pipe — a bug that affects the Linux kernel from versions 5.8 and up, which attackers can use to escalate their privileges and run code. Researchers warn that this bug is "relatively easy to exploit".

The article recommends installing all security patches as soon as they're available — and implementing multi-factor authentication across your organization.

And yes, it's the real ZDNet. They've just re-designed their web site...
Hardware

Lenovo Announces Consumer AR Glasses That Can Tether To iPhones (arstechnica.com) 17

Lenovo is finally selling AR glasses for consumers with the recently-announced Lenovo Glasses T1, which Ars Technica's Scharon Harding got to demo. Here's an excerpt from her report: With their Micro OLED displays and required tether to Windows, macOS, Android, or iOS devices, they bring some notable features to a space that has piqued industry-wide interest but is still likely far from becoming ubiquitous. The early version of the T1 I tried had limited features; I was mostly only able to view a homepage with basic menu options and a desktop with icons for apps, like web browsing. Although the glasses weren't ready for me to watch a movie or hop around apps, I was impressed at how clear text and menu items were. This was in a sunny room with exceedingly tall windows. Even when facing sunlight, the few colors on display seemed vibrant and the text legible.

Lenovo specs the displays with 10,000:1 contrast and 1920x1080 pixels per eye. The glasses are also TUV-certified for low blue light and flicker reduction, according to Lenovo. Much more time is needed to explore and challenge the Micro OLED displays before I pass final judgment. But the combination of smaller pixels and, from what I saw thus far, strong colors, should accommodate screens so close to the eyes. More broadly speaking, brightness can be a concern with OLED technologies, but the small demo I saw fared well in a sun-flushed room.

I used the Glasses T1 while it was connected to an Android smartphone via its USB-C cable, but it's also supposed to work with PCs, macOS devices, and, via an adapter sold separately, iPhones. [...] With no processor or battery, it's easier for the glasses to stay trim. There are also no sensors or cameras like the Lenovo ThinkReality A3, announced last year, has. Other T1 features include a pair of speakers (one near each temple) and the ability to add prescription lenses. [...] The Glasses T1 are expected to be available in select markets in 2023 after debuting in China (as the Lenovo Yoga Glasses) this year. Lenovo didn't set a price, but I was told it's hoping to keep the glasses under $500.

Intel

Intel Details 12th Gen Core SoCs Optimized For Edge Applications (theregister.com) 6

Intel has made available versions of its 12th-generation Core processors optimized for edge and IoT applications, claiming the purpose-built chips enable smaller form factor designs, but with the AI inferencing performance to analyze data right at the edge. The Register reports: The latest members of the Alder Lake family, the 12th Gen Intel Core SoC processors for IoT edge (formerly Alder Lake PS) combine the performance profile and power envelope of the mobile chips but the LGA socket flexibility of the desktop chips, according to Intel, meaning they can be mounted directly on a system board or in a socket for easy replacement. Delivered as a multi-chip package, the new processors combine the Alder Lake cores with an integrated Platform Controller Hub (PCH) providing I/O functions and integrated Iris Xe graphics with up to 96 graphics execution units. [...]

Intel VP and general manager of the Network and Edge Compute Division Jeni Panhorst said in a statement that the new processors were designed for a wide range of vertical industries. "As the digitization of business processes continues to accelerate, the amount of data created at the edge and the need for it to be processed and analyzed locally continues to explode," she said. Another key capability for managing systems deployed in edge scenarios is that these processors include Intel vPro features, which include remote management capabilities built into the hardware at the silicon level, so an IT admin can reach into a system and perform actions such as changing settings, applying patches or rebooting the platform.

The chips support up to eight PCIe 4.0 lanes, and four Thunderbolt 4/USB4 lanes, with up to 64GB of DDR5 or DDR4 memory, and the graphics are slated to deliver four 4K displays or one 8K display. Operating system support includes Windows 10 IoT Enterprise 2021 Long Term Servicing Channel (LTSC) and Linux options. Intel said the new SoCs are aimed at a broad range of industries, including point-of-sale kit in the retail, banking, and hospitality sectors, industrial PCs and controllers for the manufacturing industry, plus healthcare.

Businesses

UK Challenges $69 Billion Microsoft/Activision Deal, Citing Potential Harm To Gamers (arstechnica.com) 15

An anonymous reader quotes a report from Ars Technica: The United Kingdom's Competition and Markets Authority (CMA) is challenging Microsoft and Activision Blizzard to justify their planned merger, saying the deal "could substantially lessen competition" in the gaming industry. A CMA announcement today cited concerns about "competition in gaming consoles, multi-game subscription services, and cloud gaming services (game streaming)." Microsoft announced its plan to buy Activision Blizzard for $68.7 billion in January.

"Microsoft is one of three large companies, together with Sony and Nintendo, that have led the market for gaming consoles for the past 20 years with limited entries from new rivals," the CMA said. "Activision Blizzard has some of the world's best-selling and most recognizable gaming franchises, such as Call of Duty and World of Warcraft. The CMA is concerned that if Microsoft buys Activision Blizzard it could harm rivals, including recent and future entrants into gaming, by refusing them access to Activision Blizzard games or providing access on much worse terms."

The CMA said these "concerns warrant an in-depth Phase 2 investigation," so Microsoft and Activision Blizzard have been ordered "to submit proposals to address the CMA's concerns" within five working days. "If suitable proposals are not submitted, the deal will be referred for a Phase 2 investigation," which would "allow an independent panel of experts to probe in more depth the risks identified at Phase 1," the CMA said. Besides Microsoft's Xbox console, the CMA noted Microsoft's Azure cloud computing platform and the Windows operating system. "The CMA is concerned that Microsoft could leverage Activision Blizzard's games together with Microsoft's strength across console, cloud, and PC operating systems to damage competition in the nascent market for cloud gaming services," the announcement said.
"A Phase 2 investigation (PDF) can result in a merger being prohibited or a requirement to sell some parts of the business," notes Ars. "A Phase 2 investigation is typically limited to 24 weeks but can be extended by up to eight weeks."

"After a final report, 'the CMA has a statutory deadline of 12 weeks (extendable by up to six weeks for special reasons) to make an order or accept undertakings to give effect to its Phase 2 remedies.'"
Twitter

How Twitter's Child Porn Problem Ruined Its Plans For an OnlyFans Competitor (theverge.com) 100

An anonymous reader quotes a report from The Verge: In the spring of 2022, Twitter considered making a radical change to the platform. After years of quietly allowing adult content on the service, the company would monetize it. The proposal: give adult content creators the ability to begin selling OnlyFans-style paid subscriptions, with Twitter keeping a share of the revenue. Had the project been approved, Twitter would have risked a massive backlash from advertisers, who generate the vast majority of the company's revenues. But the service could have generated more than enough to compensate for losses. OnlyFans, the most popular by far of the adult creator sites, is projecting $2.5 billion in revenue this year -- about half of Twitter's 2021 revenue -- and is already a profitable company.

Some executives thought Twitter could easily begin capturing a share of that money since the service is already the primary marketing channel for most OnlyFans creators. And so resources were pushed to a new project called ACM: Adult Content Monetization. Before the final go-ahead to launch, though, Twitter convened 84 employees to form what it called a "Red Team." The goal was "to pressure-test the decision to allow adult creators to monetize on the platform, by specifically focusing on what it would look like for Twitter to do this safely and responsibly," according to documents obtained by The Verge and interviews with current and former Twitter employees. What the Red Team discovered derailed the project: Twitter could not safely allow adult creators to sell subscriptions because the company was not -- and still is not -- effectively policing harmful sexual content on the platform.

"Twitter cannot accurately detect child sexual exploitation and non-consensual nudity at scale," the Red Team concluded in April 2022. The company also lacked tools to verify that creators and consumers of adult content were of legal age, the team found. As a result, in May -- weeks after Elon Musk agreed to purchase the company for $44 billion -- the company delayed the project indefinitely. If Twitter couldn't consistently remove child sexual exploitative content on the platform today, how would it even begin to monetize porn? Launching ACM would worsen the problem, the team found. Allowing creators to begin putting their content behind a paywall would mean that even more illegal material would make its way to Twitter -- and more of it would slip out of view. Twitter had few effective tools available to find it. Taking the Red Team report seriously, leadership decided it would not launch Adult Content Monetization until Twitter put more health and safety measures in place.
"Twitter still has a problem with content that sexually exploits children," reports The Verge, citing interviews with current and former staffers, as well as 58 pages of internal documents. "Executives are apparently well-informed about the issue, and the company is doing little to fix it."

"While the amount of [child sexual exploitation (CSE)] online has grown exponentially, Twitter's investment in technologies to detect and manage the growth has not," begins a February 2021 report from the company's Health team. "Teams are managing the workload using legacy tools with known broken windows. In short, [content moderators] are keeping the ship afloat with limited-to-no-support from Health."

Part of the problem is scale while the other part is mismanagement, says the report. "Meanwhile, the system that Twitter heavily relied on to discover CSE had begun to break..."
Displays

Germany Orders Shutdown of Digital Ad Displays To Save Gas (theregister.com) 117

An anonymous reader quotes a report from The Register: Germany has ordered overnight shutdowns for non-essential digital signage, to save its reserves of natural gas for more important purposes. Like many European nations, Germany relies on natural gas imported from Russia. And thanks to Russia's illegal invasion of Ukraine, that gas is currently in short supply. The European Union has therefore implemented an energy saving plan. One of Germany's tactics is requiring digital signage in shop windows and other non-essential locations to be turned off between 10:00PM and 6:00AM. Germany will also stop external lighting of some public buildings and implement many other power-saving measures. The plan [PDF] requiring the switch-off was published on August 12, with a deadline of September 1.

But as German outlet Invidis reports, the regulation was unhelpfully vague. For starters an updated ordinance [PDF] appears to have made the simple mistake of substituting 06:00 and 16:00 -- meaning digital signage could only run from 4PM to 10PM. Invidis also pointed out that digital signage at bus stops and train stations can do double duty displaying ads and timetable information. Exceptions for such dual-purpose signs have been arranged. Those errors and ambiguities have reportedly left those who run digital signs unsure of what they needed to do and worried they might miss the deadline.

Further complicating matters is a requirement to turn off the screens altogether rather than leaving the displays blank. Digital signage is seldom switched off, and retail staff will have to learn how to do that. Many digital signs also include a computer -- some are Android machines, others use compute sticks, the Intel NUC and even the Raspberry Pi. Admins will therefore need to cope with extra reboots. And then there's the matter of content updates, which are often scheduled overnight. All of which adds up to a stressful moment for admins of digital signage, and not much time to get things right.

Microsoft

Microsoft Finalizes Plans To Fix Unfair Licensing in EU (thurrott.com) 8

Responding to a three-year-old complaint, Microsoft today said that it would fix its unfair licensing terms in the EU. From a report: "We recognize the importance of a competitive environment in the European cloud provider market, in which smaller competitors can thrive," a new post to the Microsoft Corporate Blogs notes. "It is therefore critical for us to remain mindful of our responsibilities as a major technology company." In 2019, several Microsoft customers in the EU complained that the software giant was making it prohibitively expensive to run Windows and Office workloads on non-Azure cloud platforms like AWS and Google Cloud, triggering inquiries from EU antitrust regulators. Microsoft immediately responded that the complaints were "valid," but it did nothing to address them in any material way.

In May 2022, Microsoft finally came up with a response, announcing that it would make it less expensive for customers to run Microsoft software like Windows, Windows Server, Office, and SQL Server on non-Microsoft cloud platforms in the EU. But it wasn't until today that the software giant announced the details and timing of this plan. Now, Microsoft says that it will implement "major revisions and upgrades to its outsourcing and hosting terms" that go into effect on October 1, 2022. It will be easier and more cost-effective for customers to use Microsoft software on competing cloud platforms, it says, and for its partners to build hosted desktop and server solutions that meet their customers' needs.

Microsoft

Microsoft Launches Arm-based Azure VMs Powered by Ampere Chips (techcrunch.com) 13

Following a preview in April, Microsoft this morning announced the general availability of virtual machines (VMs) on Azure featuring the Ampere Altra, a processor based on the Arm architecture. From a report: The first Azure VMs powered by Arm chips, Microsoft says that they're accessible in 10 Azure regions today and can be included in Kubernetes clusters managed using Azure Kubernetes Service beginning on September 1.

The Azure Arm-based VMs have up to 64 virtual CPU cores, 8 GB of memory per core and 40 Gbps of networking bandwidth as well as SSD local and attachable storage. Microsoft describes them as "engineered to efficiently run scale-out, cloud-native workloads," including open source databases, Java and .NET applications and gaming, web, app and media servers. Preview releases of Windows 11 Pro and Enterprise and Linux OS distributions including Canonical Ubuntu, Red Hat Enterprise Linux, SUSE Enterprise Linux, CentOS and Debian are available on the VMs day one, with support for Alma Linux and Rocky Linux to arrive in the future. Microsoft notes that Java apps in particular can run with few additional code changes, thanks to the company's contributions to the OpenJDK project.

Android

Will Google's 'Cross-Device' Development Kit Bring Android Apps to Non-Android Devices? (theverge.com) 20

Google is trying "to make it easier for developers to create Android apps that connect in some way across a range of devices," reports the Verge. Documentation for the software development kit says it will simplify development for "multi-device experiences."

"The Cross device SDK is open-source and will be available for different Android surfaces and non-Android ecosystem devices (Chrome OS, Windows, iOS)," explains the documentation, though the current developer preview only works with Android phones and tablets, according to the Verge.

But they report that Google's new SDK "contains the tools developers need to make their apps play nice across Android devices, and, eventually non-Android phones, tablets, TVs, cars, and more." The SDK is supposed to let developers do three key things with their apps: discover nearby devices, establish secure connections between devices, and host an app's experience across multiple devices. According to Google, its cross-device SDK uses Wi-Fi, Bluetooth, and ultra-wideband to deliver multi-device connectivity.... [I]t could let multiple users on separate devices choose items from a menu when creating a group food order, saving you from passing your phone around the room. It could also let you pick up where you left off in an article when swapping from your phone to a tablet, or even allow the passengers in a car to share a specific map location with the vehicle's navigation system.

It almost sounds like an expansion of Nearby Share, which enables users on Android to transfer files to devices that use Chrome OS and other Androids. In April, Esper's Mishaal Rahman spotted an upcoming Nearby Share update that could let you quickly share files across the devices that you're signed into Google with. Google also said during a CES 2022 keynote that it will bring Nearby Share to Windows devices later this year.

"This SDK abstracts away the intricacies involved with working with device discovery, authentication, and connection protocols," argues Google's blog post, "allowing you to focus on what matters most — building delightful user experiences and connecting these experiences across a variety of form factors and platforms."
Microsoft

Microsoft's Largest Piece of Software Weighed More Than 40 Pounds (pcmag.com) 82

joshuark shares a report from PCMag: The official Windows developer documentation team at Microsoft decided to ask Microsoft Archivist Amy Stevenson "What was the largest piece of software we ever shipped?" The answer may surprise you... [T]he award goes to Microsoft C/C++ compiler with the Windows SDK, which was released in 1992 and weighed over 40 pounds. It included Microsoft C/C++ 7.0 in a box that was more than two feet long and allowed a developer to produce MS-DOS, Windows, and OS/2 applications. As Stevenson points out, "we never did that again," and the next product launched was Visual C++.
Microsoft

Microsoft Might Finally Simplify Its Windows 11 Update Names (theverge.com) 21

Microsoft could be preparing to name its next big OS update the "Windows 11 2022 Update." A report adds: References to this naming have appeared in near-final versions of the next big Windows 11 release, currently named 22H2. Twitter user XenoPanther spotted the Windows 11 2022 Update naming in the Get Started app that appears when you set up a new PC. The naming could simply be a placeholder, or it could indicate Microsoft is finally simplifying its often confusing update names for Windows. We've seen a variety of names over the years, including the Creators Update naming for a big Windows 10 update, more mundane naming like the Windows 10 May 2021 Update, and more recently, the Windows 10 21H2 moniker. Microsoft had considered naming its updates after animals or people but transitioned to the more safe monthly naming instead of point releases like Apple does with iOS, iPadOS, watchOS, and many other software updates. A move to just the yearly naming for Windows 11 updates would make sense if Microsoft is planning fewer big drops of features.
Security

The New USB Rubber Ducky Is More Dangerous Than Ever (theverge.com) 47

The USB Rubber Ducky "has a new incarnation, released to coincide with the Def Con hacking conference this year," reports The Verge. From the report: To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard -- which means it accepts keystroke commands from the device just as if a person was typing them in. The original Rubber Ducky was released over 10 years ago and became a fan favorite among hackers (it was even featured in a Mr. Robot scene). There have been a number of incremental updates since then, but the newest Rubber Ducky makes a leap forward with a set of new features that make it far more flexible and powerful than before.

With the right approach, the possibilities are almost endless. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user's login credentials or causing Chrome to send all saved passwords to an attacker's webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms. The newest Rubber Ducky aims to overcome these limitations.

It ships with a major upgrade to the DuckyScript programming language, which is used to create the commands that the Rubber Ducky will enter into a target machine. While previous versions were mostly limited to writing keystroke sequences, DuckyScript 3.0 is a feature-rich language, letting users write functions, store variables, and use logic flow controls (i.e., if this... then that). That means, for example, the new Ducky can run a test to see if it's plugged into a Windows or Mac machine and conditionally execute code appropriate to each one or disable itself if it has been connected to the wrong target. It also can generate pseudorandom numbers and use them to add variable delay between keystrokes for a more human effect. Perhaps most impressively, it can steal data from a target machine by encoding it in binary format and transmitting it through the signals meant to tell a keyboard when the CapsLock or NumLock LEDs should light up. With this method, an attacker could plug it in for a few seconds, tell someone, "Sorry, I guess that USB drive is broken," and take it back with all their passwords saved.

Data Storage

Old Laptop Hard Drives Will Allegedly Crash When Exposed To Janet Jackson Music (arstechnica.com) 59

An anonymous reader quotes a report from Ars Technica: It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility. According to Chen, CVE-2022-38392 was originally discovered by "a major computer manufacturer," and it can affect not just the laptop playing the song but adjacent laptops from other PC companies as well.

The specific hard drive model at issue -- again from an unnamed manufacturer -- would crash because "Rhythm Nation" used some of the same "natural resonant frequencies" that the drives used, interfering with their operation. Anyone trying to independently recreate this problem will face several obstacles, including the age of the laptops involved and a total lack of specificity about the hard drives or computer models. The CVE entry mentions "a certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005" and links back to Chen's post as a primary source. And while some Windows XP-era laptop hard drives may still be kicking out there somewhere, after almost two decades, it's more likely that most of them have died of natural causes.
The PC manufacturer was able to partially resolve the issue "by adding a custom filter in the audio pipeline that detected and removed the offending frequencies during audio playback," says Chen. However, these HDDs would still crash if they were exposed to another device that was playing the song.
Chrome

Nvidia GeForce Now on Chrome is Getting a Big Upgrade To 1440p and 120fps (theverge.com) 9

Nvidia is upgrading its GeForce Now game streaming service to support 1440p resolution at 120fps in a Chrome or Edge browser. GeForce Now members on the RTX 3080 tier of the service will be able to access the new browser gameplay options today by selecting 1440p on the GeForce Now web version. From a report: Nvidia originally launched its RTX 3080 GeForce Now membership tier last year, offering streams of up to 1440p resolution with 120fps on PCs and Macs or 4K HDR at 60fps on Nvidia's Shield TV. Previously, you had to download the dedicated Mac or Windows apps to access 1440p resolution and 120fps support, as the web version was limited to 1080p at 60fps.
Windows

Windows 11's Widgets Can Now Trigger Notifications on Your Taskbar (theverge.com) 71

Microsoft is rolling out a taskbar notification system to its Windows 11 widgets this week. While the weather widget returned to Windows 11 earlier this year, it's largely been a static experience that displays a sunny icon when the weather is good and an umbrella icon when it's raining and sucks to be outside. That's all changing this week, as Microsoft is now adding live animations to this taskbar widget. From a report: All Windows 11 users will start to see these new widget notifications in the coming days and weeks, thanks to an update to the Windows Web Experience Pack that powers Microsoft's widgets feature. The notifications appear as live animations on the taskbar weather widget, and include alerts for thunderstorms and even ticker alerts when stocks you're following go up or down. "When something important happens related to one of your other widgets, you may see an announcement from that widget on your taskbar," explains Microsoft in a support article. "These announcements are meant to be quick and glanceable, and if you don't interact with them, the taskbar will return to showing you the weather."
Windows

Windows 11's Next Big Update Arrives Next Month With Start Menu Folders, New Gestures (theverge.com) 84

Microsoft is planning to release its next big Windows 11 update, version 22H2, on September 20th. The Verge: Sources familiar with Microsoft's plans tell The Verge Microsoft will roll out Windows 11 22H2 through Windows Update on September 20th, a week after the company's regular Patch Tuesday fixes. Microsoft has been testing Windows 11 22H2 for months, and it will include a number of new improvements, like app folders in the Start menu, drag and drop on the taskbar, and new touch gestures and animations. Microsoft is also adding a new Live Captions accessibility feature with 22H2, which is ideal for people who are deaf, hard of hearing, or anyone who wants to caption audio automatically. Similarly, a new Voice Access tool that allows people to control their PCs by using voice commands is part of 22H2.

The Task Manager is also being overhauled in Windows 11 22H2, with a new dark mode and a far better layout that includes a new command bar and an efficiency mode to limit apps from consuming resources. Snap Layouts will also be greatly improved in 22H2, making it easier to drag an app to reveal all the layouts you can use to arrange apps. Microsoft is also working on tabs for File Explorer, which will arrive a little later than September 20th.

Your Rights Online

Right To Repair Battle Heats Up With Rooting of John Deere Equipment (wired.com) 79

Long-time Slashdot reader drinkypoo writes: John Deere, current and historic American producer of farming equipment, has long been maligned for their DRM-based lockdowns of said equipment which can make it impossible for farmers to perform their own service. Now a new security bypass has been discovered for some of their equipment, which has revealed that it is in general based on outdated versions of Linux and Windows CE.

Carried out by Sick Codes, the complete attack involves attaching hardware to the PCB inside a touchscreen controller, and ultimately produces a root terminal.

In the bargain and as a result, the question is being raised about JD's GPL compliance.

Sick Codes isn't sure how John Deere can eliminate this vulnerability (beyond overhauling designs to add full disk encryption to future models). But Wired also notes that "At the same time, though, vulnerabilities like the ones that Sick Codes found help farmers do what they need to do with their own equipment."

Although the first thing Sick Codes did was get the tractor running a farm-themed version of Doom.
Windows

Microsoft Urges Windows Users To Run Patch For DogWalk Zero-Day Exploit (computerworld.com) 15

joshuark shares a report from Computerworld: Despite previously claiming the DogWalk vulnerability did not constitute a security issue, Microsoft has now released a patch to stop attackers from actively exploiting the vulnerability. [...] The vulnerability, known as CVE-2022-34713 or DogWalk, allows attackers to exploit a weakness in the Windows Microsoft Support Diagnostic Tool (MSDT). By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems. DogWalk affects all Windows versions under support, including the latest client and server releases, Windows 11 and Windows Server 2022.

The vulnerability was first reported in January 2020 but at the time, Microsoft said it didn't consider the exploit to be a security issue. This is the second time in recent months that Microsoft has been forced to change its position on a known exploit, having initially rejected reports that another Windows MSDT zero-day, known as Follina, posed a security threat. A patch for that exploit was released in June's Patch Tuesday update.
