[Vulnerability Alert] High-Risk Vulnerabilities in Multiple Products Fixed in Microsoft's July Security Updates
2022-7-20 14:36:0 Author: www.secpulse.com


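1. Advisory Information

The 安识科技 A-Team recently observed that Microsoft released its July security update patches, fixing 84 security issues across widely used products including Windows, Microsoft Office, Windows Print Spooler Components, Windows Hyper-V, and Azure Site Recovery. The fixes cover high-risk vulnerability types such as elevation of privilege and remote code execution.

Of the vulnerabilities fixed in this month's Microsoft update, 4 are rated Critical and 80 are rated Important, including 1 0day vulnerability:

Windows CSRSS Elevation of Privilege Vulnerability (CVE-2022-22047)

安识科技 recommends that users upgrade to a fixed version promptly, audit their own assets, and take preventive measures to avoid being attacked.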


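2. Vulnerability Overview

The following vulnerabilities in this update were selected as having the greatest impact, based on product popularity and vulnerability severity. Affected users should pay particular attention to them:

Windows CSRSS Elevation of Privilege Vulnerability (CVE-2022-22047):

Windows CSRSS contains an elevation of privilege vulnerability. Because the application code in CSRSS does not enforce proper security restrictions, a local attacker with low privileges can exploit the vulnerability to bypass those restrictions, elevate to SYSTEM privileges on the target system, and execute arbitrary code, with no user interaction required. Microsoft states that exploitation of this vulnerability has been detected in the wild.

Official advisory link: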

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

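Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-22038):

Remote Procedure Call Runtime contains a remote code execution vulnerability. An unauthenticated remote attacker can exploit it to execute arbitrary code on the target system. Exploitation complexity is high. According to Microsoft, to exploit this vulnerability successfully the attacker needs to repeat exploitation attempts by sending constant or intermittent data.

Official advisory link: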

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038

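Windows Network File System Remote Code Execution Vulnerability (CVE-2022-22029/CVE-2022-22039):

Windows Network File System contains remote code execution vulnerabilities (CVE-2022-22029/CVE-2022-22039). An unauthenticated remote attacker can send specially crafted request packets to a Network File System (NFS) server, ultimately leading to arbitrary code execution on the target system. Exploitation complexity for these vulnerabilities is high. According to Microsoft, to exploit them successfully the attacker needs to repeat exploitation attempts by sending constant or intermittent data.

Official advisory links: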

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22029

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22039

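Windows Graphics Component Remote Code Execution Vulnerability (CVE-2022-30221):

An unauthenticated remote attacker can induce a user to connect to a malicious RDP server, ultimately leading to arbitrary code execution on the target system. According to Microsoft, only operating systems with RDP 8.0 or RDP 8.1 installed are affected by this vulnerability; users who have not installed these RDP versions on Windows 7 SP1 or Windows Server 2008 R2 SP1 are not affected.

Official advisory link: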

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30221

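Windows Graphics Component Elevation of Privilege Vulnerability (CVE-2022-22034):

Windows Graphics Component contains an elevation of privilege vulnerability. Because the application code in the Graphics Component does not enforce proper security restrictions, a local attacker with low privileges can exploit the vulnerability to bypass those restrictions and elevate to SYSTEM privileges on the target system, with no user interaction required. The CVSS score is 7.8.

Official advisory link: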

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034

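Active Directory Federation Services Elevation of Privilege Vulnerability (CVE-2022-30215):

Active Directory is the directory service for Windows Standard Server, Windows Enterprise Server, and Windows Datacenter Server. Because of a flaw in the security restrictions of Active Directory Federation Services, in specific configurations a remote attacker with low privileges can exploit the vulnerability to bypass the Active Directory trust boundary, elevate to domain administrator privileges on the target system, and execute arbitrary code.

Official advisory link: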

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30215

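Windows Server Service Tampering Vulnerability (CVE-2022-30216):

Server Service contains a service tampering vulnerability. Because the application code in Windows Server does not enforce proper security restrictions, an authenticated remote attacker who uploads a specially crafted malicious certificate to the target server can ultimately execute arbitrary code on the target system, with no user interaction required.

Official advisory link: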

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30216

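Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2022-30220):

Common Log File System Driver contains an elevation of privilege vulnerability. Because the application code in this product does not enforce proper security restrictions, a local attacker with low privileges can exploit the vulnerability to bypass those restrictions, elevate to SYSTEM privileges on the target system, and execute arbitrary code, with no user interaction required. The CVSS score is 7.8.

Official advisory link: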

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220


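3. Vulnerability Impact

Of the vulnerabilities fixed in this month's Microsoft update, 4 are rated Critical and 80 are rated Important, including 1 0day vulnerability:

Windows CSRSS Elevation of Privilege Vulnerability (CVE-2022-22047)

Windows CSRSS contains an elevation of privilege vulnerability. Because the application code in CSRSS does not enforce proper security restrictions, a local attacker with low privileges can exploit the vulnerability to bypass those restrictions, elevate to SYSTEM privileges on the target system, and execute arbitrary code, with no user interaction required. Microsoft states that exploitation of this vulnerability has been detected in the wild.

4. Affected Versions

Windows versions currently affected:

CVE ID
Affected product versions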
CVE-2022-22038
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-22029
CVE-2022-22039
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019  (Server Core installation)
Windows Server 2019
CVE-2022-30221
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Remote Desktop client for Windows Desktop
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-22034
CVE-2022-30220
CVE-2022-22047
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-30215
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019  (Server Core installation)
Windows Server 2019
CVE-2022-30216
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems

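5. Solution

Microsoft has released security patches that fix the vulnerabilities above for supported product versions. Affected users are strongly advised to install the patches as soon as possible. Official download link: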

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2022-Jul


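6. Timeline

-20220718 The 安识科技 A-Team detected the vulnerability disclosure

-20220719 The 安识科技 A-Team analyzed the vulnerability information

-20220720 The 安识科技 A-Team published this security advisory

Author of this article: 安识科技

This article was published by a SecPulse (安全脉搏) column author. When reposting, please credit: https://www.secpulse.com/archives/183850.html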

