微软12月安全更新补丁和多个高危漏洞风险提示:
【漏洞公告】
微软官方发布了12月安全更新公告,包含了微软家族多个软件的安全更新补丁,包括:Microsoft Windows、Office、ASP.NET、Visual Studio、Defender for IoT、Edge(基于 Chromium)等83个安全漏洞。其中包含7个严重和多个高危漏洞。请相关用户及时更新对应补丁修复漏洞。相关链接参考:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
根据公告,此次更新中修复的Microsoft Windows Installer 特权提升漏洞(CVE-2021-43883)、Windows 打印后台处理程序特权提升漏洞(CVE-2021-41333)、Windows 通用日志文件系统驱动程序提权漏洞(CVE-2021-43207、CVE-2021-43226)、远程桌面客户端远程代码执行漏洞(CVE-2021-43233)、iSNS 服务器内存损坏漏洞(CVE-2021-43215)、微软4K 无线显示适配器远程代码执行漏洞(CVE-2021-43899)等风险较大,建议尽快安装安全更新补丁或采取临时缓解措施加固系统。相关链接参考:
https://msrc.microsoft.com/update-guide/vulnerability/
【影响范围】
CVE-2021-43883:Windows Installer 特权提升漏洞:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-41333:Windows 打印后台处理程序特权提升漏洞:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-43207、CVE-2021-43226:Windows 通用日志文件系统驱动程序提权漏洞:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-43233:远程桌面客户端远程代码执行漏洞:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-43215:服务器内存损坏漏洞可导致远程代码执行:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43899:微软 4K 无线显示适配器远程代码执行漏洞:
Microsoft 4K Wireless Display Adapter
12月安全公告列表,包含的其他漏洞快速阅读指引:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
CVE-2021-43877|ASP.NET Core 和 Visual Studio 提权漏洞
CVE-2021-43225|Bot Framework SDK 远程代码执行漏洞
CVE-2021-43215|iSNS 服务器内存损坏漏洞可导致远程代码执行
CVE-2021-41365|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-43889|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-42310|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-42311|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-42312|Microsoft Defender for IOT 提权漏洞
CVE-2021-42313|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-42314|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-42315|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-43888|Microsoft Defender for IoT 信息泄露漏洞
CVE-2021-43882|Microsoft Defender for IoT 远程代码执行漏洞
CVE-2021-43899|微软 4K 无线显示适配器远程代码执行漏洞
CVE-2021-4054|Chromium:CVE-2021-4054 自动填充中的安全 UI 不正确
CVE-2021-4068|Chromium:CVE-2021-4068 新标签页中不可信输入的验证不足
CVE-2021-4052|Chromium:CVE-2021-4052 在网络应用程序中免费使用
CVE-2021-4067|Chromium:CVE-2021-4067 在窗口管理器中免费使用
CVE-2021-4056|Chromium:CVE-2021-4056:加载器中的类型混淆
CVE-2021-4053|Chromium:CVE-2021-4053 在 UI 中免费使用
CVE-2021-4057|Chromium:CVE-2021-4057 在文件 API 中免费使用
CVE-2021-4055|Chromium:CVE-2021-4055 扩展中的堆缓冲区溢出
CVE-2021-4059|Chromium:CVE-2021-4059 加载程序中的数据验证不足
CVE-2021-4061|Chromium:V8 中的 CVE-2021-4061 类型混淆
CVE-2021-4062|Chromium:CVE-2021-4062 BFCache 中的堆缓冲区溢出
CVE-2021-4063|Chromium:CVE-2021-4063 在开发者工具中免费使用
CVE-2021-4064|Chromium:CVE-2021-4064 在屏幕截图中免费使用
CVE-2021-4066|Chromium:CVE-2021-4066 ANGLE 中的整数下溢
CVE-2021-4065|Chromium:CVE-2021-4065 在自动填充中免费使用
CVE-2021-4058|Chromium:CVE-2021-4058 ANGLE 中的堆缓冲区溢出
CVE-2021-43216|Microsoft 本地安全机构服务器 (lsasrv) 信息泄露漏洞
CVE-2021-43222|Microsoft 消息队列信息泄露漏洞
CVE-2021-43236|Microsoft 消息队列信息泄露漏洞
CVE-2021-43875|Microsoft Office Graphics 远程代码执行漏洞
CVE-2021-42295|Visual Basic for Applications 信息泄露漏洞
CVE-2021-43905|Microsoft Office 应用程序远程代码执行漏洞
CVE-2021-42293|Microsoft Jet Red 数据库引擎和访问连接引擎提权漏洞
CVE-2021-43256|Microsoft Excel 远程代码执行漏洞
CVE-2021-42294|Microsoft SharePoint Server 远程代码执行漏洞
CVE-2021-42320|Microsoft SharePoint Server 欺骗漏洞
CVE-2021-43242|Microsoft SharePoint Server 欺骗漏洞
CVE-2021-42309|Microsoft SharePoint Server 远程代码执行漏洞
CVE-2021-43896|Microsoft PowerShell 欺骗漏洞
CVE-2021-43243|VP9 视频扩展信息泄露漏洞
CVE-2021-43248|Windows 数字媒体接收器提权漏洞
CVE-2021-43214|Web Media Extensions 远程代码执行漏洞
CVE-2021-40453|HEVC 视频扩展远程代码执行漏洞
CVE-2021-40452|HEVC 视频扩展远程代码执行漏洞
CVE-2021-41360|HEVC 视频扩展远程代码执行漏洞
CVE-2021-43255|Microsoft Office 信任中心欺骗漏洞
CVE-2021-43233|远程桌面客户端远程代码执行漏洞
CVE-2021-43234|Windows 传真服务远程代码执行漏洞
CVE-2021-43246|Windows Hyper-V 拒绝服务漏洞
CVE-2021-43907|Visual Studio Code WSL 扩展远程代码执行漏洞
CVE-2021-43891|Visual Studio Code 远程代码执行漏洞
CVE-2021-43207|Windows 通用日志文件系统驱动程序提权漏洞
CVE-2021-43224|Windows 通用日志文件系统驱动程序信息泄露漏洞
CVE-2021-43226|Windows 通用日志文件系统驱动程序提权漏洞
CVE-2021-43245|Windows 数字电视调谐器提权漏洞
CVE-2021-43219|DirectX 图形内核文件拒绝服务漏洞
CVE-2021-43217|Windows 加密文件系统 (EFS) 远程代码执行漏洞
CVE-2021-43893|Windows 加密文件系统 (EFS) 提权漏洞
CVE-2021-43232|Windows 事件跟踪远程代码执行漏洞
CVE-2021-43883|Windows Installer 特权提升漏洞
CVE-2021-43244|Windows 内核信息泄露漏洞
CVE-2021-40441|Windows Media Center 提权漏洞
CVE-2021-43880|Windows Mobile 设备管理提权漏洞
CVE-2021-43231|Windows NTFS 提权漏洞
CVE-2021-43230|Windows NTFS 提权漏洞
CVE-2021-43229|Windows NTFS 提权漏洞
CVE-2021-43240|NTFS 设置短名称提权漏洞
CVE-2021-41333|Windows 打印后台处理程序特权提升漏洞
CVE-2021-43238|Windows 远程访问权限提升漏洞
CVE-2021-43223|Windows 远程访问连接管理器特权提升漏洞
CVE-2021-43235|存储空间控制器信息泄露漏洞
CVE-2021-43227|存储空间控制器信息泄露漏洞
CVE-2021-43228|SymCrypt 拒绝服务漏洞
CVE-2021-43247|Windows TCP/IP 驱动程序提权漏洞
CVE-2021-43237|Windows 安装程序特权提升漏洞
CVE-2021-43239|Windows 恢复环境代理提权漏洞
【漏洞描述】
CVE-2021-43883 Windows Installer存在特权提升漏洞,攻击者利用该漏洞可提升至高权限的用户组。
CVE-2021-41333 Windows 打印后台处理程序存在特权提升漏洞,攻击者利用该漏洞可提升至高权限的用户组。
CVE-2021-43207、CVE-2021-43226 Windows通用日志文件系统驱动程序存在提权漏洞,攻击者利用该漏洞可提升至高权限的用户组。
CVE-2021-43233 Windows远程桌面客户端存在远程代码执行漏洞,受影响版本的远程桌面客户端连接恶意远程桌面服务器时,攻击者可在受害者客户端机器上执行任意代码,可导致受害者服务器被控制。
CVE-2021-43215:iSNS 是一种协议,它支持自动发现和管理 TCP/IP 存储网络上的 iSCSI 设备。因Windows iSNS服务存在缺陷,攻击者可利用该缺陷向iSNS服务器发送特制的请求,在一定条件下可导致远程代码执行。默认情况下windows未启用该服务。
CVE-2021-43899:微软 4K 无线显示适配器存在远程代码执行漏洞,未经身份验证的攻击者可利用该漏洞在受影响的设备上执行任意代码,攻击者需要与Microsoft 4K显示适配器在同一网络环境下。
【缓解措施】
高危:目前漏洞细节虽未公开,但是恶意攻击者可以通过补丁对比方式分析出漏洞触发点,并进一步开发漏洞利用代码,Microsoft已发布相关安全更新,鉴于漏洞的严重性,建议受影响的用户尽快修复。
(一)Windows 更新:
自动更新:
Microsoft Update默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。
手动更新:
1、点击“开始菜单”或按Windows快捷键,点击进入“设置”
2、选择“更新和安全”,进入“Windows更新”(Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通过控制面板进入“Windows更新”,具体步骤为“控制面板”->“系统和安全”->“Windows更新”)
3、选择“检查更新”,等待系统将自动检查并下载可用更新。
4、重启计算机,安装更新系统重新启动后,可通过进入“Windows更新”->“查看更新历史记录”查看是否成功安装了更新。
(二)目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。
补丁获取:https://msrc.microsoft.com/update-guide/vulnerability
