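December 2021 Microsoft Patch Tuesday: Risk Advisory for High-Severity Vulnerabilities in Multiple Products
The Tencent Cloud Security Operations Center has observed that Microsoft released its regular security update bulletin for December 2021, covering 67 vulnerabilities in total, of which 7 are rated Critical and 60 are rated Important. The release includes security updates for Windows, ASP.NET, Visual Studio, Azure, Defender for IoT, Microsoft Office, SharePoint Server, PowerShell, Remote Desktop Client, Windows Hyper-V, Windows Mobile Device Management, Windows Remote Access Connection Manager, and other software.
To keep your business from being affected, Tencent Cloud Security recommends that you promptly carry out a security self-check. If you are within the affected scope, apply the updates promptly to avoid intrusion by external attackers.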
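Vulnerability Details
· The following vulnerabilities in this bulletin require particular attention:
CVE-2021-43215 (iSNS Server Remote Code Execution Vulnerability):
CVSS score 9.8, Critical. iSNS is a protocol that supports automatic discovery and management of iSCSI devices on TCP/IP storage networks. The vulnerability is a flaw in the Internet Storage Name Service (iSNS) server that could allow remote code execution if an attacker sends a specially crafted request to an affected server.
CVE-2021-43217 (Windows Encrypting File System (EFS) Remote Code Execution Vulnerability):
CVSS score 8.1, high risk. According to the official description, exploitation is less likely.
An attacker exploiting the vulnerability could cause a buffer overflow write, leading to unauthenticated, non-sandboxed code execution. The vulnerability can be exploited even when EFS is not in use: if the EFS service is not already running, the EFS interface triggers it to start.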
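· Other vulnerabilities in the bulletin that warrant attention:
CVE-2021-43890 (Windows AppX Installer Spoofing Vulnerability):
CVSS score 7.1, high risk. According to the official description, details of the vulnerability have been made public and it is being actively exploited by botnet attackers.
The vulnerability can be exploited remotely by an attacker with low user privileges, and the attack requires tricking the user into interacting. An attacker can craft a malicious attachment for use in phishing campaigns and must then convince the user to open the specially crafted attachment. The Emotet/Trickbot/Bazaloader malware families have actively exploited this vulnerability.
CVE-2021-43240 (NTFS Set Short Name Elevation of Privilege Vulnerability):
CVSS score 7.8, high risk. No in-the-wild exploitation has been observed. Microsoft's risk assessment is that exploitation is less likely.
CVE-2021-41333 (Windows Print Spooler Elevation of Privilege Vulnerability):
CVSS score 7.8, high risk. Vulnerability information has been disclosed, and Microsoft's risk assessment is "may be exploited".
CVE-2021-43883 (Windows Installer Elevation of Privilege Vulnerability):
CVSS score 7.8, high risk. According to the official description, in-the-wild exploitation has been observed.
The vulnerability was discovered by security researcher Abdelhamid Naceri, who, after examining Microsoft's fix, found a patch bypass and a new, more powerful zero-day elevation-of-privilege vulnerability. Naceri published the PoC/exploit for the new zero-day on GitHub, explaining that it works on all supported Windows versions.
CVE-2021-43893 (Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability):
CVSS score 7.5, high risk. Vulnerability information has been made public, and Microsoft's risk assessment is "exploitation less likely".
CVE-2021-43880 (Windows Mobile Device Management Elevation of Privilege Vulnerability):
CVSS score 5.5, medium risk. An attacker exploiting the vulnerability can obtain SYSTEM privileges. MDM is mobile device management on Windows. The Windows management component has two parts: the enrollment client, which enrolls and configures the device to communicate with the enterprise management server, and the management client, which periodically synchronizes with the management server to check for updates and apply the latest policies set by IT.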
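Risk Level
High risk
Vulnerability Risk
An attacker exploiting the vulnerability can cause remote code execution and other harm
Affected Versions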
CVE-2021-43215:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2021-43217:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
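For details of other affected versions, please refer to the official bulletins
Secure Version
Microsoft's latest patches for December 2021
Remediation Recommendations
Official patches and fixed versions have been released. Assess whether your business is affected, then upgrade to the secure version as appropriate.
[Note]: We recommend backing up your data before upgrading to avoid unexpected problems
References: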
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43890
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43240
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41333
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43883
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43893
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43880

