    Microsoft Patch Tuesday Security Advisory: November

    VSole 2022-11-10 16:05:52

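    1. Advisory Information

    On November 9, 2022, Microsoft released its November security updates. This release fixes 68 security vulnerabilities, including 6 zero-day vulnerabilities; 11 of the vulnerabilities are rated "Critical".

    安識科技 therefore recommends that users upgrade to a secure version promptly and carry out asset self-checks and preventive work to avoid being attacked.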

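    2. Vulnerability Overview

    The security updates in this release cover multiple products and components, including .NET Framework, Azure, Linux Kernel, Microsoft Exchange Server, Microsoft Office, Windows Hyper-V, Visual Studio, Windows ALPC, Windows Kerberos, Windows Mark of the Web (MOTW), Windows Network Address Translation (NAT), Windows ODBC Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Scripting and Windows Win32K.

    Of the 68 vulnerabilities fixed in this release (not counting 2 OpenSSL vulnerabilities), 27 are elevation-of-privilege vulnerabilities, 16 are remote code execution vulnerabilities, 11 are information disclosure vulnerabilities, 6 are denial-of-service vulnerabilities, 4 are security feature bypass vulnerabilities, and 3 are spoofing vulnerabilities.

    Microsoft fixed 6 actively exploited zero-day vulnerabilities in this release, of which CVE-2022-41091 has been publicly disclosed: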

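    CVE-2022-41128: Windows Scripting Languages Remote Code Execution Vulnerability

    This vulnerability has a CVSS score of 8.8 and affects the JScript9 scripting language and multiple Windows versions. Exploitation requires user interaction, and exploitation has been detected.

    CVE-2022-41091: Windows Mark of the Web Security Feature Bypass Vulnerability

    This vulnerability has a CVSS score of 5.4, and exploitation requires user interaction. A malicious file can be crafted to evade Mark of the Web (MOTW) defenses, which affects security features that rely on MOTW tagging, such as Protected View in Microsoft Office. The vulnerability has been publicly disclosed, and exploitation has been detected.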

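    CVE-2022-41073: Windows Print Spooler Elevation of Privilege Vulnerability

    This vulnerability has a CVSS score of 7.8 and affects the Windows Print Spooler. A local malicious user who successfully exploits it can gain SYSTEM privileges. Exploitation has been detected.

    CVE-2022-41125: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

    This vulnerability has a CVSS score of 7.8 and affects the Windows CNG Key Isolation Service. A local malicious user who successfully exploits it can gain SYSTEM privileges. Exploitation has been detected.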

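    CVE-2022-41040: Microsoft Exchange Server Elevation of Privilege Vulnerability

    This vulnerability has a CVSS score of 8.8. Microsoft first disclosed it on September 30, 2022 (the Microsoft Exchange ProxyNotShell vulnerability). Successful exploitation allows an attacker to elevate privileges and run PowerShell on the target system, but authentication is required. Exploitation has been detected.

    CVE-2022-41082: Microsoft Exchange Server Remote Code Execution Vulnerability

    This vulnerability has a CVSS score of 8.8. Microsoft first disclosed it on September 30, 2022 (the Microsoft Exchange ProxyNotShell vulnerability). An authenticated malicious user can trigger malicious code in the context of the server account through a network call, resulting in remote code execution. Exploitation has been detected.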

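    3. Vulnerability Impact

    Attackers can exploit these vulnerabilities, without authorization, to construct malicious data and carry out remote code execution attacks, ultimately obtaining the highest privileges on the server.

    4. Affected Versions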

    Vulnerability name, CVE ID

    Affected versions

    Windows Mark of the Web Security Feature Bypass Vulnerability CVE-2022-41091

    Windows 10 Version 22H2 for x64-based Systems

    Windows 10 Version 22H2 for 32-bit Systems

    Windows 10 Version 22H2 for ARM64-based Systems

    Windows 11 Version 22H2 for ARM64-based Systems

    Windows 11 Version 22H2 for x64-based Systems

    Windows Server 2016 (Server Core installation)

    Windows Server 2016

    Windows 10 Version 1607 for x64-based Systems

    Windows 10 Version 1607 for 32-bit Systems

    Windows 10 for x64-based Systems

    Windows 10 for 32-bit Systems

    Windows 10 Version 21H2 for x64-based Systems

    Windows 10 Version 21H2 for ARM64-based Systems

    Windows 10 Version 21H2 for 32-bit Systems

    Windows 11 for ARM64-based Systems

    Windows 11 for x64-based Systems

    Windows 10 Version 20H2 for ARM64-based Systems

    Windows 10 Version 20H2 for 32-bit Systems

    Windows 10 Version 20H2 for x64-based Systems

    Windows Server 2022 Datacenter: Azure Edition (Hotpatch)

    Windows Server 2022 (Server Core installation)

    Windows Server 2022

    Windows 10 Version 21H1 for 32-bit Systems

    Windows 10 Version 21H1 for ARM64-based Systems

    Windows 10 Version 21H1 for x64-based Systems

    Windows Server 2019 (Server Core installation)

    Windows Server 2019

    Windows 10 Version 1809 for ARM64-based Systems

    Windows 10 Version 1809 for x64-based Systems

    Windows 10 Version 1809 for 32-bit Systems

    Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-41040

    Microsoft Exchange Server 2016 Cumulative Update 23

    Microsoft Exchange Server 2019 Cumulative Update 12

    Microsoft Exchange Server 2019 Cumulative Update 11

    Microsoft Exchange Server 2016 Cumulative Update 22

    Microsoft Exchange Server 2013 Cumulative Update 23

    Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-41082

    Microsoft Exchange Server 2016 Cumulative Update 23

    Microsoft Exchange Server 2019 Cumulative Update 12

    Microsoft Exchange Server 2019 Cumulative Update 11

    Microsoft Exchange Server 2016 Cumulative Update 22

    Microsoft Exchange Server 2013 Cumulative Update 23

    Windows Scripting Languages Remote Code Execution Vulnerability CVE-2022-41128

    Windows 10 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for ARM64-based Systems

    Windows 7 for x64-based Systems Service Pack 1

    Windows 7 for 32-bit Systems Service Pack 1

    Windows Server 2016

    Windows 10 Version 1607 for x64-based Systems

    Windows 10 Version 1607 for 32-bit Systems

    Windows 10 for x64-based Systems

    Windows 10 for 32-bit Systems

    Windows 10 Version 22H2 for 32-bit Systems

    Windows 10 Version 22H2 for ARM64-based Systems

    Windows Server 2012 R2

    Windows Server 2012

    Windows Server 2008 R2 for x64-based Systems Service Pack 1

    Windows RT 8.1

    Windows 8.1 for x64-based systems

    Windows 8.1 for 32-bit systems

    Windows 10 Version 21H2 for x64-based Systems

    Windows 10 Version 21H2 for ARM64-based Systems

    Windows 10 Version 21H2 for 32-bit Systems

    Windows 11 for ARM64-based Systems

    Windows 11 for x64-based Systems

    Windows 10 Version 20H2 for ARM64-based Systems

    Windows 10 Version 20H2 for 32-bit Systems

    Windows 10 Version 20H2 for x64-based Systems

    Windows Server 2022

    Windows 10 Version 21H1 for 32-bit Systems

    Windows 10 Version 21H1 for ARM64-based Systems

    Windows 10 Version 21H1 for x64-based Systems

    Windows Server 2019

    Windows 10 Version 1809 for ARM64-based Systems

    Windows 10 Version 1809 for x64-based Systems

    Windows 10 Version 1809 for 32-bit Systems

    Windows CNG Key Isolation Service Elevation of Privilege Vulnerability CVE-2022-41125

    Windows Server 2012 R2

    Windows Server 2012 (Server Core installation)

    Windows Server 2012

    Windows RT 8.1

    Windows 8.1 for x64-based systems

    Windows Server 2012 R2 (Server Core installation)

    Windows 8.1 for 32-bit systems

    Windows Server 2016 (Server Core installation)

    Windows Server 2016

    Windows 10 Version 1607 for x64-based Systems

    Windows 10 Version 1607 for 32-bit Systems

    Windows 10 for x64-based Systems

    Windows 10 for 32-bit Systems

    Windows 10 Version 22H2 for 32-bit Systems

    Windows 10 Version 22H2 for ARM64-based Systems

    Windows Server 2019 (Server Core installation)

    Windows Server 2019

    Windows 10 Version 1809 for ARM64-based Systems

    Windows 10 Version 1809 for x64-based Systems

    Windows 10 Version 1809 for 32-bit Systems

    Windows 10 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for ARM64-based Systems

    Windows 10 Version 21H2 for x64-based Systems

    Windows 10 Version 21H2 for ARM64-based Systems

    Windows 10 Version 21H2 for 32-bit Systems

    Windows 11 for ARM64-based Systems

    Windows 11 for x64-based Systems

    Windows 10 Version 20H2 for ARM64-based Systems

    Windows 10 Version 20H2 for 32-bit Systems

    Windows 10 Version 20H2 for x64-based Systems

    Windows Server 2022 Datacenter: Azure Edition (Hotpatch)

    Windows Server 2022 (Server Core installation)

    Windows Server 2022

    Windows 10 Version 21H1 for 32-bit Systems

    Windows 10 Version 21H1 for ARM64-based Systems

    Windows 10 Version 21H1 for x64-based Systems

    Windows Print Spooler Elevation of Privilege Vulnerability CVE-2022-41073

    Windows Server 2008 R2 for x64-based Systems Service Pack 1

    Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

    Windows Server 2008 for x64-based Systems Service Pack 2

    Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

    Windows Server 2008 for 32-bit Systems Service Pack 2

    Windows RT 8.1

    Windows 10 Version 21H2 for ARM64-based Systems

    Windows 10 Version 21H2 for 32-bit Systems

    Windows 11 for ARM64-based Systems

    Windows 11 for x64-based Systems

    Windows 10 Version 21H1 for x64-based Systems

    Windows Server 2019 (Server Core installation)

    Windows Server 2019

    Windows 10 Version 1809 for ARM64-based Systems

    Windows 10 Version 1809 for x64-based Systems

    Windows 8.1 for x64-based systems

    Windows 8.1 for 32-bit systems

    Windows 7 for x64-based Systems Service Pack 1

    Windows 7 for 32-bit Systems Service Pack 1

    Windows Server 2016 (Server Core installation)

    Windows Server 2016

    Windows 10 Version 1607 for x64-based Systems

    Windows 10 Version 1607 for 32-bit Systems

    Windows 10 for x64-based Systems

    Windows 10 for 32-bit Systems

    Windows 10 Version 22H2 for 32-bit Systems

    Windows 10 Version 22H2 for ARM64-based Systems

    Windows 10 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for x64-based Systems

    Windows 11 Version 22H2 for ARM64-based Systems

    Windows 10 Version 21H2 for x64-based Systems

    Windows 10 Version 20H2 for ARM64-based Systems

    Windows 10 Version 20H2 for 32-bit Systems

    Windows 10 Version 20H2 for x64-based Systems

    Windows Server 2022 Datacenter: Azure Edition (Hotpatch)

    Windows Server 2022 (Server Core installation)

    Windows Server 2022

    Windows 10 Version 21H1 for 32-bit Systems

    Windows 10 Version 21H1 for ARM64-based Systems

    Windows 10 Version 1809 for 32-bit Systems

    Windows Server 2012 R2 (Server Core installation)

    Windows Server 2012 R2

    Windows Server 2012 (Server Core installation)

    Windows Server 2012

    Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

    This work is licensed under the "CC License"; reposts must credit the author and link to this article.