neowin[.]net/news/dogwalk-another-microsoft-ignored-msdt-vulnerability-like-follina-gets-unofficial-patch/
blog.0patch[.]com/2022/06/microsoft-diagnostic-tools-dogwalk.html
Dogwalk is another MSDT vulnerability that was discovered about 2 years ago, but Microsoft decided it was not critical, so never patched it. Neowin doesn't go into much detail, while the 0patch blog on the issue *may* be too in depth for some people. In a nutshell, if you download & click on a malicious .diagcab file, a malware file can be copied to the Start Menu's Startup folder, e.g. C:\ProgramData\ Microsoft\ Windows\ Start Menu\ Programs\ StartUp\, and run the next time someone logs into that copy of Windows.
Opatch itself was started by a security company a few years ago. The way their service works is you download and install the 0patch Agent, which runs as a service auto starting with Windows. When software with an available patch is run, this agent patches that software in memory, so its behavior is changed while the software files themselves remain untouched. The patches themselves are downloaded by their agent as they become available & stored in the registry. 0patch has free & paid tiers.
Their Agent is downloaded as a small .msi file [~3MB]. Monitored in my Win7 32-bit VM, installation adds the program's folder [4.3MB, 13 files, 1 folder], while a folder for logs is added to ProgramData. Four files are added to Windows\ Installer, & 9 files related to Microsoft C/C++ runtimes are added to Windows\ WinSxs\. Unfortunately I can't say much about the registry... installation apparently triggers a rewrite of the Component hive, so you'd have to sort through just short of 70k new entries. :(