{"id":10926,"date":"2022-08-15T12:05:08","date_gmt":"2022-08-15T09:05:08","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10926"},"modified":"2022-08-15T12:05:08","modified_gmt":"2022-08-15T09:05:08","slug":"dogwalk-vulnerability-patch-tuesday-08-2022","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/10926\/","title":{"rendered":"DogWalk ve di\u011fer g\u00fcvenlik a\u00e7\u0131klar\u0131"},"content":{"rendered":"<p>Microsoft sal\u0131 g\u00fcn\u00fc yay\u0131nlad\u0131\u011f\u0131 bu A\u011fustos yamas\u0131yla y\u00fczden fazla g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 onard\u0131. Kurumsal siber g\u00fcvenlik \u00e7al\u0131\u015fanlar\u0131n\u0131n bu g\u00fcvenlik a\u00e7\u0131klar\u0131ndan baz\u0131lar\u0131na \u00f6zellikle dikkat etmesi gerekiyor. Bunlar\u0131n aras\u0131nda ikisi s\u0131f\u0131r g\u00fcn olmak \u00fczere 17 kritik g\u00fcvenlik a\u00e7\u0131\u011f\u0131 var. G\u00fcvenlik a\u00e7\u0131klar\u0131ndan en az biri ger\u00e7ek d\u00fcnyada halihaz\u0131rda aktif olarak k\u00f6t\u00fcye kullan\u0131ld\u0131\u011f\u0131 i\u00e7in yama uygulamas\u0131n\u0131 ertelememek gerekiyor. ABD Siber G\u00fcvenlik ve Altyap\u0131 G\u00fcvenli\u011fi Ajans\u0131 da bu g\u00fcncellemenin dikkate al\u0131nmas\u0131n\u0131 <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/08\/09\/microsoft-releases-august-2022-security-updates\" target=\"_blank\" rel=\"noopener nofollow\">\u00f6neriyor<\/a>.<\/p>\n<h2>DogWalk (di\u011fer ad\u0131yla CVE-2022-34713): MSDT\u2019deki RCE g\u00fcvenlik a\u00e7\u0131\u011f\u0131<\/h2>\n<p>Yeni kapat\u0131lan g\u00fcvenlik a\u00e7\u0131klar\u0131ndan en tehlikelisi <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34713\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-34713<\/a>. Potansiyel olarak (<a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">RCE<\/a> t\u00fcr\u00fcne ait) k\u00f6t\u00fc ama\u00e7l\u0131 kodlar\u0131n uzaktan y\u00fcr\u00fct\u00fclmesine olanak sa\u011fl\u0131yor\u00a0 DogWalk ad\u0131 verilen CVE-2022-34713, t\u0131pk\u0131 bu y\u0131l\u0131n May\u0131s ay\u0131nda bir miktar heyecan yaratan <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/follina-cve-2022-30190-msdt\/10743\/\" target=\"_blank\" rel=\"noopener\">Follina<\/a> gibi Microsoft Windows Destek Tan\u0131 Arac\u0131\u2019nda (MSDT) bulunan bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131.<\/p>\n<p>Sorun, sistemin Cabinet (.cab) ar\u015fivlerini ele alma bi\u00e7iminde yat\u0131yor. Bir sald\u0131rgan\u0131n bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 k\u00f6t\u00fcye kullanmak i\u00e7in kullan\u0131c\u0131y\u0131 Windows Startup klas\u00f6r\u00fcne .diagcab ar\u015fivini kaydeden k\u00f6t\u00fc amal\u0131 bir dosya a\u00e7maya ikna etmesi gerekiyor. B\u00f6ylelikle kullan\u0131c\u0131 bir dahaki sefere bilgisayar\u0131n\u0131 ba\u015flat\u0131p oturum a\u00e7t\u0131\u011f\u0131nda bu i\u00e7erikler y\u00fcr\u00fct\u00fcl\u00fcyor.<\/p>\n<p>Asl\u0131nda DogWalk <a href=\"https:\/\/irsl.medium.com\/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd\" target=\"_blank\" rel=\"noopener nofollow\">iki y\u0131l \u00f6nce<\/a> ke\u015ffedildi fakat sistem geli\u015ftiriciler o s\u0131rada bu probleme nedense yeterince dikkat etmedi. \u015eimdi bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 kapat\u0131lm\u0131\u015f olsa da Microsoft halihaz\u0131rda k\u00f6t\u00fcye kullan\u0131ld\u0131\u011f\u0131n\u0131 tespit etti.<\/p>\n<h2>Dikkat edilmesi gereken di\u011fer g\u00fcvenlik a\u00e7\u0131klar\u0131<\/h2>\n<p>Ge\u00e7ti\u011fimiz sal\u0131 g\u00fcn\u00fc kapat\u0131lan ikinci s\u0131f\u0131r g\u00fcn g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ise <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-30134\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-30134<\/a>. Microsoft Exchange\u2019de bulunuyor. Microsoft bu yamay\u0131 olu\u015fturmadan \u00f6nce bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131yla ilgili bilgiler yay\u0131nlanm\u0131\u015f olsa da a\u00e7\u0131k hen\u00fcz ger\u00e7ek d\u00fcnyada k\u00f6t\u00fcye kullan\u0131lmad\u0131. Teorik olarak, bir sald\u0131rgan CVE-2022-30134\u2019\u00fc kullanmay\u0131 ba\u015farabilirse kurban\u0131n e-posta yaz\u0131\u015fmalar\u0131n\u0131 okuyabiliyor. Exchange\u2019de yeni yamayla giderilen tek hata bu de\u011fil. Yama ayn\u0131 zamanda sald\u0131rganlar\u0131n ayr\u0131cal\u0131k y\u00fckseltmesine izin veren <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-24516\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-24516<\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-21980\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-21980<\/a> ve <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-24477\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-24477<\/a> g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 da kapat\u0131yor.<\/p>\n<p>CVSS derecesi a\u00e7\u0131s\u0131ndan ilgili iki g\u00fcvenlik a\u00e7\u0131\u011f\u0131 \u015fampiyonlu\u011fu elinde bulunduruyor: <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-30133\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-30133<\/a> ve <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-35744\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-35744<\/a>. Her ikisi de Noktadan Noktaya Protokol\u00fc\u2019nde (PPP) yer al\u0131yor. Her ikisi de sald\u0131rganlar\u0131n uzaktan eri\u015fim sunucusuna istek g\u00f6ndermesine olanak vererek makinede k\u00f6t\u00fc ama\u00e7l\u0131 kod y\u00fcr\u00fct\u00fclebilmesine yol a\u00e7\u0131yor. Her ikisi de ayn\u0131 CVSS puan\u0131na sahip: 9,8.<\/p>\n<p>Microsoft, bir sebepten \u00f6t\u00fcr\u00fc yamalar\u0131 hemen y\u00fckleyemeyecek olanlara 1723 ba\u011flant\u0131 noktas\u0131n\u0131 kapatmay\u0131 \u00f6neriyor (g\u00fcvenlik a\u00e7\u0131klar\u0131 yaln\u0131zca bu ba\u011flant\u0131 noktas\u0131 \u00fczerinden k\u00f6t\u00fcye kullan\u0131labiliyor). Ancak bunun a\u011f\u0131n\u0131zdaki ileti\u015fimlerin stabilitesini sekteye u\u011fratabilece\u011fini unutmay\u0131n.<\/p>\n<h2>Kendinizi koruman\u0131n yollar\u0131<\/h2>\n<p>Yeni Microsoft g\u00fcncellemelerini m\u00fcmk\u00fcn olan en k\u0131sa s\u00fcrede y\u00fcklemenizi tavsiye ediyoruz. <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2022-Aug\" target=\"_blank\" rel=\"noopener nofollow\">G\u00fcncelleme k\u0131lavuzunun<\/a> S\u0131k Sorulan Sorular, Risk Azaltma Y\u00f6ntemleri ve Ge\u00e7ici \u00c7\u00f6z\u00fcmler b\u00f6l\u00fcm\u00fcnde altyap\u0131n\u0131zla ilgili bilgileri kontrol etmeyi de unutmay\u0131n.<\/p>\n<p>Bunlara ek olarak, \u015firkette internet eri\u015fimi olan t\u00fcm bilgisayarlar\u0131n (iste i\u015f istasyonu olsun ister sunucu) hen\u00fcz tespit edilmemi\u015f g\u00fcvenlik a\u00e7\u0131klar\u0131na kar\u015f\u0131 koruma sa\u011flayabilecek <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">g\u00fcvenilir bir siber g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc<\/a> ile korunmas\u0131 gerekti\u011fi de unutulmamal\u0131.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Microsoft 140&#8217;tan fazla g\u00fcvenlik a\u00e7\u0131\u011f\u0131 i\u00e7in yama yay\u0131nlad\u0131. Bunlardan baz\u0131lar\u0131n\u0131n m\u00fcmk\u00fcn olan en k\u0131sa s\u00fcrede kapat\u0131lmas\u0131 gerekiyor.<\/p>\n","protected":false},"author":2698,"featured_media":10927,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[2376,790,38,2159,2157,113],"class_list":{"0":"post-10926","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-exchange","11":"tag-guvenlik-aciklari","12":"tag-microsoft","13":"tag-rce","14":"tag-sifir-gun","15":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/10926\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/24441\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/19907\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/26878\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/24785\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/25166\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/27496\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/33829\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/45127\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/19275\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/19844\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/29135\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/dogwalk-vulnerability-patch-tuesday-08-2022\/25336\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/30844\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/dogwalk-vulnerability-patch-tuesday-08-2022\/30553\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2698"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10926"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10926\/revisions"}],"predecessor-version":[{"id":10928,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10926\/revisions\/10928"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10927"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}