| 【漏洞预警】微软10月安全更新补丁和多个高危漏洞风险提示 |
|
|
【漏洞公告】 微软官方发布了10月安全更新公告,包含了微软家族多个软件的安全更新补丁,包括:Microsoft Office、Windows Kernel、Microsoft Edge (Chromium-based)、Hyper-V、Windows Win32K 等多个CVE安全漏洞补丁。请相关用户及时更新对应补丁修复漏洞。 参考链接: https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct 根据公告,此次更新中修复的Windows COM+ Event System Service权限提升漏洞(CVE-2022-41033)、Microsoft DWM Core Library权限提升漏洞(CVE-2022-37970)、Windows Mixed Reality Developer Tools信息泄露漏洞(CVE-2022-37974)、Windows CSRSS特权提升漏洞(CVE-2022-37987)、Windows CSRSS特权提升漏洞(CVE-2022-37989)、Win32k特权提升漏洞(CVE-2022-38050)、Windows图形组件特权提升漏洞(CVE-2022-38051)、Microsoft SharePoint Server远程代码执行漏洞(CVE-2022-38053)风险较大。其中CVE-2022-41033 Windows COM+ Event System Service权限提升漏洞存在在野利用,建议尽快安装安全更新补丁或采取临时缓解措施加固系统。 相关链接参考: https://msrc.microsoft.com/update-guide/vulnerability/
【影响范围】 Windows COM+ Event System Service 权限提升漏洞(CVE-2022-41033) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (ServerCore installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation)
Microsoft DWM Core Library 权限提升漏洞(CVE-2022-37970) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation)
Windows Mixed Reality Developer Tools 信息泄露漏洞(CVE-2022-37974)Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems
Windows CSRSS 特权提升漏洞(CVE-2022-37987、CVE-2022-37989) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation)
Win32k 特权提升漏洞(CVE-2022-38050) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation)
Windows 图形组件特权提升漏洞(CVE-2022-38051) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation)
Microsoft SharePoint Server 远程代码执行漏洞(CVE-2022-38053) Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 Microsoft SharePoint Server Subscription Edition
10 月安全公告列表,包含的其他漏洞快速阅读指引(非全部): https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct CVE-2022-38042|Active Directory 域服务特权提升漏洞 CVE-2022-38017|StorSimple 8000 系列提权漏洞 CVE-2022-37968|启用 Azure Arc 的 Kubernetes 集群连接特权提升漏洞 CVE-2022-37989|Windows 客户端服务器运行时子系统 (CSRSS) 特权提升漏洞 CVE-2022-37987|Windows 客户端服务器运行时子系统 (CSRSS) 特权提升漏洞 CVE-2022-3373|Chromium:CVE-2022-3373 越界写入 V8 CVE-2022-3370|Chromium:CVE-2022-3370 在自定义元素中免费使用CVE-2022-3317|Chromium:CVE-2022-3317 Intents 中不受信任的输入验证不足 CVE-2022-3316|Chromium:CVE-2022-3316 对安全浏览中不受信任的输入的验证不足 CVE-2022-3315|Chromium:CVE-2022-3315 Blink 中的类型混淆 CVE-2022-3313|Chromium:CVE-2022-3313 全屏显示不正确的安全UI CVE-2022-3311|Chromium:CVE-2022-3311 在导入后免费使用 CVE-2022-3310|Chromium:CVE-2022-3310 自定义选项卡中的策略执行不足 CVE-2022-3307|Chromium:CVE-2022-3307 在媒体中免费后使用 CVE-2022-3304|Chromium:CVE-2022-3304 在 CSS 中免费后使用 CVE-2022-41035|Microsoft Edge(基于 Chromium)欺骗漏洞 CVE-2022-3308|Chromium:CVE-2022-3308 开发人员工具中的策略执行不足 CVE-2022-38051|Windows 图形组件特权提升漏洞 CVE-2022-33635|Windows GDI+ 远程代码执行漏洞 CVE-2022-37985|Windows 图形组件信息泄露漏洞 CVE-2022-37997|Windows 图形组件特权提升漏洞 CVE-2022-37986|Windows Win32k 特权提升漏洞 CVE-2022-38001|Microsoft Office 欺骗漏洞 CVE-2022-38049|Microsoft Office Graphics 远程代码执行漏洞 CVE-2022-38048|Microsoft Office 远程代码执行漏洞 CVE-2022-41043|Microsoft Office 信息泄露漏洞 CVE-2022-41036|Microsoft SharePoint Server 远程代码执行漏洞 CVE-2022-41038|Microsoft SharePoint Server 远程代码执行漏洞 CVE-2022-38053|Microsoft SharePoint Server 远程代码执行漏洞 CVE-2022-41037|Microsoft SharePoint Server 远程代码执行漏洞 CVE-2022-41031|Microsoft Word 远程代码执行漏洞 CVE-2022-38031|针对 SQL Server 远程代码执行漏洞的 Microsoft WDAC OLE DB 提供程序 CVE-2022-37982|针对 SQL Server 远程代码执行漏洞的 Microsoft WDAC OLE DB 提供程序 CVE-2022-41032|NuGet 客户端特权提升漏洞 CVE-2022-37965|Windows 点对点隧道协议拒绝服务漏洞 CVE-2022-37979|Windows Hyper-V 特权提升漏洞 CVE-2022-35829|Service Fabric Explorer 欺骗漏洞 CVE-2022-41034|Visual Studio Code 远程代码执行漏洞 CVE-2022-41042|Visual Studio Code 信息泄露漏洞 CVE-2022-41083|Visual Studio Code 特权提升漏洞 CVE-2022-37976|Active Directory 证书服务特权提升漏洞 CVE-2022-37978|Windows Active Directory 证书服务安全功能绕过CVE-2022-38029|Windows ALPC 特权提升漏洞 CVE-2022-38044|Windows CD-ROM 文件系统驱动程序远程执行代码漏洞 CVE-2022-41033|Windows COM+ Event System Service 权限提升漏洞 CVE-2022-38021|Connected User Experiences and Telemetry 特权提升漏洞 CVE-2022-37971|Microsoft Windows Defender 特权提升漏洞 CVE-2022-37980|Windows DHCP 客户端特权提升漏洞 CVE-2022-38026|Windows DHCP 客户端信息泄露漏洞 CVE-2022-38025|Windows 分布式文件系统 (DFS) 信息泄露漏洞 CVE-2022-37970|Windows DWM 核心库特权提升漏洞 CVE-2022-37983|Microsoft DWM 核心库特权提升漏洞 CVE-2022-37981|Windows 事件日志记录服务拒绝服务漏洞 CVE-2022-37975|Windows 组策略特权提升漏洞 CVE-2022-37994|Windows Group Policy Preference Client 特权提升漏洞 CVE-2022-37993|Windows Group Policy Preference Client 特权提升漏洞 CVE-2022-37999|Windows Group Policy Preference Client 特权提升漏洞 CVE-2022-37995|Windows 内核特权提升漏洞 CVE-2022-38037|Windows 内核特权提升漏洞 CVE-2022-37991|Windows 内核特权提升漏洞 CVE-2022-38039|Windows 内核特权提升漏洞 CVE-2022-37990|Windows 内核特权提升漏洞 CVE-2022-38038|Windows 内核特权提升漏洞 CVE-2022-37988|Windows 内核特权提升漏洞 CVE-2022-38022|Windows 内核特权提升漏洞 CVE-2022-38016|Windows LSA 特权提升漏洞 CVE-2022-37973|Windows LSM 拒绝服务漏洞 CVE-2022-37996|Windows 内核内存信息泄露漏洞 CVE-2022-35770|Windows NTLM 欺骗漏洞 CVE-2022-38040|Microsoft ODBC 驱动程序远程执行代码漏洞 CVE-2022-37974|Windows Mixed Reality开发者工具信息泄露漏洞 CVE-2022-38047|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-30198|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-33634|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-38000|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-22035|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-24504|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-41081|Windows 点对点隧道协议远程代码执行漏洞 CVE-2022-38032|Windows 便携式设备枚举器服务安全功能绕过漏洞 CVE-2022-38028|Windows 后台打印程序特权提升漏洞 CVE-2022-38043|Windows Security Support Provider Interface 信息泄露漏洞 CVE-2022-38033|Windows Server Remotely Accessible Registry Keys 泄露漏洞 CVE-2022-38045|Server Service Remote Protocol 特权提升漏洞 CVE-2022-38027|Windows 存储特权提升漏洞 CVE-2022-38030|Windows USB Serial Driver 信息泄露漏洞 CVE-2022-38046|Web Account Manager 信息泄露漏洞 CVE-2022-38050|Win32k 特权提升漏洞 CVE-2022-37984|Windows WLAN Service 特权提升漏洞 CVE-2022-34689 | Windows 加密 API 欺骗漏洞 CVE-2022-38034|Windows Workstation Service 特权提升漏洞
【漏洞描述】 Windows COM+ Event System Service 权限提升漏洞(CVE-2022-41033):
Windows COM+ Event System Service中存在一处特权提升漏洞(CVE-2022-41033),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以 SYSTEM 权限执行任意代码。
Microsoft DWM Core Library 权限提升漏洞(CVE-2022-37970):
Microsoft DWM Core Library中存在一处特权提升漏洞(CVE-2022-37970),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM 权限执行任意代码。
Windows Mixed Reality Developer Tools 信息泄露漏洞(CVE-2022-37974):
Windows Mixed Reality Developer Tools 中存在一处信息泄漏漏洞(CVE-2022-37974),攻击者可以通过诱使用户打开特制文件来利用此漏洞,成功利用此漏洞的攻击者可以进行系统文件的读取。
Windows CSRSS 特权提升漏洞(CVE-2022-37987):
Windows CSRSS 中存在一处特权提升漏洞(CVE-2022-37987),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM 权限执行任意代码。
Windows CSRSS 特权提升漏洞(CVE-2022-37989):
Windows CSRSS 中存在一处特权提升漏洞(CVE-2022-37989),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM 权限执行任意代码。
Win32k 特权提升漏洞(CVE-2022-38050):
Win32k 中存在一处特权提升漏洞(CVE-2022-38050),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以 SYSTEM 权限执行任意代码。
Windows 图形组件特权提升漏洞(CVE-2022-38051):
Windows 图形组件中存在一处特权提升漏洞(CVE-2022-38051),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM 权限执行任意代码。
Microsoft SharePoint Server 远程代码执行漏洞(CVE-2022-38053):
Microsoft SharePoint Server 中存在一处远程代码执行漏洞(CVE-2022-38053),具有管理列表权限的经过身份验证的攻击者可以在SharePoint Server 上远程执行代码。
【缓解措施】 高危:目前漏洞细节虽未公开,但是恶意攻击者可以通过补丁对比方式分析出漏洞触发点,并进一步开发漏洞利用代码,Microsoft 已发布相关安全更新,鉴于漏洞的严重性,建议受影响的用户尽快修复。安恒信息将在产品的例行更新中加入相关攻击检测和防护能力。 (一)Windows 更新: 自动更新: Microsoft Update 默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。 手动更新: 1、点击“开始菜单”或按 Windows 快捷键,点击进入“设置” 2、选择“更新和安全”,进入“Windows 更新”(Windows 8、Windows 8.1、Windows Server 2012 以及 Windows Server 2012 R2 可通过控制面板进入“Windows 更新”,具体步骤为“控制面板”->“系统和安全”->“Windows 更新”) 3、选择“检查更新”,等待系统将自动检查并下载可用更新。 4、重启计算机,安装更新系统重新启动后,可通过进入“Windows 更新”->“查看更新历史记录”查看是否成功安装了更新。 (二)目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。 补丁获取:https://msrc.microsoft.com/update-guide/vulnerability
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
Copyright © 2014 East China University Science and Technology. All rights reserved 版权所有 © 2014 华东理工大学信息化办公室 |