​【漏洞预警】微软3月安全更新补丁和多个高危漏洞风险提示
发布人: 李雪娇 发布时间: 2024-03-21 作者: 访问次数: 10

【漏洞信息】

微软官方发布了3月安全更新公告,包含了Windows Print SpoolerOpen Management Infrastructure(OMI)Windows Graphics ComponentWindows Composite Image File System(CimFS)Windows KernelWindows Hyper-V等微软家族多个软件的安全更新补丁。请相关用户及时更新对应补丁修复漏洞。

根据公告,此次更新中修复的Windows Print Spooler权限提升漏洞(CVE-2024-21433)Open Management Infrastructure(OMI)权限提升漏洞(CVE-2024-21330)Windows Graphics Component权限提升漏洞(CVE-2024-21437)Windows Composite Image File System(CimFS)权限提升漏洞(CVE-2024-26170)Windows内核权限提升漏洞(CVE-2024-26182)Windows Hyper-V远程代码执行漏洞(CVE-2024-21407)风险较大。建议尽快安装安全更新补丁或采取临时缓解措施加固系统。

1Windows Print Spooler权限提升漏洞(CVE-2024-21433

漏洞标题

Windows Print Spooler权限提升漏洞(CVE-2024-21433

应急响应等级

2

漏洞类型

权限提升

影响目标

影响版本

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

 

漏洞编号

CVE 编号

CVE-2024-21433

CVSS3.1 评分

7.0

危害等级   

高危

CVSS 向量

访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

2Open Management InfrastructureOMI)权限提升漏洞(CVE-2024-21330

漏洞标题

Open Management InfrastructureOMI)权限提升漏洞(CVE-2024-21330

应急响应等级

2

漏洞类型

权限提升

影响目标

影响版本

Azure Security Center

Log Analytics Agent

Open Management Infrastructure

Operations Management Suite Agent for Linux (OMS)

System Center Operations Manager (SCOM) 2019

System Center Operations Manager (SCOM) 2022

漏洞编号

CVE 编号

CVE-2024-21433

CVSS3.1 评分

7.8

危害等级   

高危

CVSS 向量

访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

3Windows Graphics Component权限提升漏洞(CVE-2024-21437

漏洞标题

Windows Graphics Component权限提升漏洞(CVE-2024-21437

应急响应等级

2

漏洞类型

权限提升

影响目标

影响版本

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

漏洞编号

CVE 编号

CVE-2024-21437

CVSS3.1 评分

7.8

危害等级   

高危

CVSS 向量

访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

4Windows Composite Image File SystemCimFS)权限提升漏洞(CVE-2024-26170

漏洞标题

4Windows Composite Image File SystemCimFS)权限提升漏洞(CVE-2024-26170

应急响应等级

2

漏洞类型

权限提升

影响目标

影响版本

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

漏洞编号

CVE 编号

CVE-2024-26170

CVSS3.1 评分

7.8

危害等级   

高危

CVSS 向量

访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

5Windows内核权限提升漏洞(CVE-2024-26182

漏洞标题

Windows内核权限提升漏洞(CVE-2024-26182

应急响应等级

1

漏洞类型

权限提升

影响目标

影响版本

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

漏洞编号

CVE 编号

CVE-2024-26182

CVSS3.1 评分

7.8

危害等级   

高危

CVSS 向量

访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

6Windows Hyper-V远程代码执行漏洞(CVE-2024-21407

漏洞标题

Windows Hyper-V远程代码执行漏洞(CVE-2024-21407

应急响应等级

2

漏洞类型

远程代码执行

影响目标

影响版本

Windows 10 for x64-based Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

漏洞编号

CVE 编号

CVE-2024-21407

CVSS3.1 评分

8.1

危害等级   

高危

CVSS 向量

访问途径(AV

网络

攻击复杂度(AC

所需权限(PR

无需任何权限

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

7Open Management InfrastructureOMI)远程代码执行漏洞(CVE-2024-21334

漏洞标题

Open Management InfrastructureOMI)远程代码执行漏洞(CVE-2024-21334

应急响应等级

1

漏洞类型

远程代码执行

影响目标

影响版本

System Center Operations Manager (SCOM) 2022

System Center Operations Manager (SCOM) 2019

Open Management Infrastructure

漏洞编号

CVE 编号

CVE-2024-21334

CVSS3.1 评分

9.8

危害等级   

严重

CVSS 向量

访问途径(AV

网络

攻击复杂度(AC

所需权限(PR

无需任何权限

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

威胁状态

Poc 情况

未发现

Exp 情况

未发现

在野利用

未发现

研究情况

分析中

【修复方案】

官方修复方案:

目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。

补丁获取:https://msrc.microsoft.com/update-guide/vulnerability

【参考资料】

https://msrc.microsoft.com/update-guide/releaseNote/2024-Jan