微软9月安全更新补丁和高危漏洞风险提示:
【漏洞公告】
2020年9月8日,微软官方发布了9月安全更新公告,包含了微软家族多个软件的安全更新补丁,威胁风险较大的有Exchange Server远程代码执行漏洞、Active Directory信息泄漏和远程代码执行漏洞、Microsoft COM和Windows远程代码执行漏洞等,对应CVE编号:CVE-2020-16875、CVE-2020-0718、CVE-2020-0761、CVE-2020-0922、CVE-2020-1129、CVE-2020-1252,相关链接参考:
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-16875
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0718
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0761
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0922
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1129
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1252
根据公告,Exchange Server 2016/2019某些CU版本对cmdlet参数安全验证不足,存在远程代码执行的风险;另外,Active Directory集成的DNS(ADIDNS)在处理内存中的对象时,存在远程代码执行风险,经过身份验证的恶意攻击者可以利用这些漏洞获得目标系统权限,建议尽快安装安全更新补丁。
9月安全更新公告参考:https://portal.msrc.microsoft.com/zh-cn/security-guidance/releasenotedetail/2020-Sep
【影响范围】
Exchange Server远程代码执行漏洞影响和微软已经提供补丁的版本列表:
Microsoft Exchange Server 2016 Cumulative Update 16
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2019 Cumulative Update 5
Microsoft Exchange Server 2019 Cumulative Update 6
Active Directory信息泄漏漏洞和远程代码执行漏洞影响和微软已经提供补丁的系统列表:
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Microsoft COM和Windows远程代码执行漏洞影响和微软已经提供补丁的系统列表:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
【漏洞描述】
CVE-2020-16875漏洞,Exchange Server 2016/2019某些CU版本对cmdlet参数安全验证不足,经过身份验证的恶意攻击者可以利用该漏洞实施远程代码执行攻击,从而获得系统管理权限,基于Exchange Server的重要性,建议及时测试并更新补丁。
CVE-2020-0718、CVE-2020-0761漏洞,Active Directory集成的DNS(ADIDNS)在处理内存中的对象时,存在远程代码执行漏洞,经过身份验证的恶意攻击者可以利用该漏洞实施远程代码执行攻击,从而获得系统管理权限,基于AD域的服务特性,漏洞主要影响Windows Server系统。
CVE-2020-0922漏洞,Microsoft COM组件在处理内存中的对象时,存在远程代码执行漏洞,利用场景主要是诱使目标用户打开包含JavaScript的网站,触发漏洞并执行恶意代码,从而获得目标用户和系统权限。
9月安全公告列表,包含的其他漏洞(非全部)快速阅读指引:https://portal.msrc.microsoft.com/zh-cn/security-guidance/releasenotedetail/2020-Sep
CVE-2020-0664 | Active Directory 信息泄漏漏洞
CVE-2020-0856 | Active Directory 信息泄漏漏洞
CVE-2020-0875 | Microsoft splwow64 信息泄漏漏洞
CVE-2020-0914 | Windows 状态存储库服务信息披露漏洞
CVE-2020-0921 | Microsoft 图形组件信息泄漏漏洞
CVE-2020-0928 | Windows 内核信息泄漏漏洞
CVE-2020-0941 | Win32k 信息泄漏漏洞
CVE-2020-0989 | Windows Mobile Device Management Diagnostics 信息泄露漏洞
CVE-2020-1031 | Windows DHCP Server 信息泄漏漏洞
CVE-2020-1033 | Windows 内核信息泄漏漏洞
CVE-2020-1083 | Microsoft 图形组件信息泄漏漏洞
CVE-2020-1091 | Windows 图形组件信息泄漏漏洞
CVE-2020-1097 | Windows 图形组件信息泄漏漏洞
CVE-2020-1119 | Windows 信息泄漏漏洞
CVE-2020-1193 | Microsoft Excel 远程执行代码漏洞
CVE-2020-1210 | Microsoft SharePoint 远程执行代码漏洞
CVE-2020-1218 | Microsoft Word 远程执行代码漏洞
CVE-2020-1224 | Microsoft Excel 信息泄漏漏洞
CVE-2020-1250 | Win32k 信息泄漏漏洞
CVE-2020-1256 | Windows GDI 信息泄漏漏洞
CVE-2020-1332 | Microsoft Excel 远程执行代码漏洞
CVE-2020-1335 | Microsoft Excel 远程执行代码漏洞
CVE-2020-1338 | Microsoft Word 远程执行代码漏洞
CVE-2020-1589 | Windows 内核信息泄漏漏洞
CVE-2020-1592 | Windows 内核信息泄漏漏洞
CVE-2020-1594 | Microsoft Excel 远程执行代码漏洞
CVE-2020-1596 | TLS 信息泄漏漏洞
CVE-2020-16851 | OneDrive for Windows 特权提升漏洞
CVE-2020-16852 | OneDrive for Windows 特权提升漏洞
CVE-2020-16853 | OneDrive for Windows 特权提升漏洞
CVE-2020-16854 | Windows 内核信息泄漏漏洞
CVE-2020-16855 | Microsoft Office 信息泄漏漏洞
CVE-2020-16879 | 投影文件系统信息泄漏漏洞
CVE-2020-16884 | Internet Explorer 浏览器帮助程序对象 (BHO) 内存损坏漏洞
【缓解措施】
高危:目前漏洞细节暂未公开,但可以通过补丁对比方式分析出漏洞触发点,并进一步开发出漏洞利用代码,建议及时测试安全更新补丁并应用安装。