一、漏洞公告
微软官方发布了11月安全更新公告,包含了微软家族多个软件的安全更新补丁,包括:Microsoft Office、Windows Hyper-V、Microsoft Exchange Server、Windows Win32K、Windows Kerberos等多个CVE安全漏洞补丁。请相关用户及时更新对应补丁修复漏洞。
参考链接:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov
根据公告,此次更新中修复的Windows MOTW安全功能绕过漏洞(CVE-2022-41049)、Windows HTTP.sys特权提升漏洞(CVE-2022-41057)、Windows MOTW安全功能绕过漏洞(CVE-2022-41091)、Microsoft DWM Core Library特权提升漏洞(CVE-2022-41096)、Windows Win32k特权提升漏洞(CVE-2022-41109)、Windows Win32内核子系统特权提升漏洞(CVE-2022-41113)、Windows Scripting Languages远程代码执行漏洞(CVE-2022-41118)、Windows CNG Key Isolation Service特权提升漏洞(CVE-2022-41125)、Windows打印机提权漏洞(CVE-2022-41073) 及Windows Scripting Languages远程代码执行漏洞(CVE-2022-41128) 风险较大。其中CVE-2022-41091 Windows MOTW安全功能绕过漏洞、CVE-2022-41125 Windows CNG Key Isolation Service特权提升漏洞、CVE-2022-41073 Windows打印机提权漏洞及CVE-2022-41128 Windows Scripting Languages远程代码执行漏洞存在在野利用,建议尽快安装安全更新补丁或采取临时缓解措施加固系统。
相关链接参考:
https://msrc.microsoft.com/update-guide/vulnerability/
二、影响范围
Windows MOTW安全功能绕过漏洞(CVE-2022-41049、CVE-2022-41091)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows HTTP.sys特权提升漏洞(CVE-2022-41057)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Microsoft DWM Core Library特权提升漏洞(CVE-2022-41096)
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Win32k特权提升漏洞(CVE-2022-41109)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Win32内核子系统特权提升漏洞(CVE-2022-41113)
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Scripting Languages远程代码执行漏洞(CVE-2022-41118)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
Windows打印机提权漏洞(CVE-2022-41073)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
Windows CNG Key Isolation Service特权提升漏洞(CVE-2022-41125)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Scripting Languages远程代码执行漏洞(CVE-2022-41128)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
11月安全公告列表,包含的其他漏洞快速阅读指引(非全部):
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov
CVE-2022-41064|.NET Framework 信息泄露漏洞
CVE-2022-23824|AMD:IBPB and Return Address Predictor Interactions
CVE-2022-39327|GitHub:Azure CLI 中代码生成控制不当(“代码注入”)
CVE-2022-41085|Azure CycleCloud 特权提升漏洞
CVE-2022-41051|Azure RTOS GUIX Studio 远程代码执行漏洞
CVE-2022-38014|适用于 Linux 的 Windows 子系统 (WSL2) 内核提权漏洞
CVE-2022-41066|Microsoft 业务中心信息泄露漏洞
CVE-2022-41052|Windows 图形组件远程代码执行漏洞
CVE-2022-41113|Windows Win32 内核子系统提权漏洞
CVE-2022-41105|Microsoft Excel 信息泄露漏洞
CVE-2022-41107|Microsoft Office Graphics 远程代码执行漏洞
CVE-2022-41106|Microsoft Excel 远程代码执行漏洞
CVE-2022-41063|Microsoft Excel 远程代码执行漏洞
CVE-2022-41104|Microsoft Excel 安全功能绕过漏洞
CVE-2022-41122|Microsoft SharePoint Server 欺骗漏洞
CVE-2022-41062|Microsoft SharePoint Server 远程代码执行漏洞
CVE-2022-41061|Microsoft Word 远程代码执行漏洞
CVE-2022-41103|Microsoft Word 信息泄露漏洞
CVE-2022-41060|Microsoft Word 信息泄露漏洞
CVE-2022-41097|网络策略服务器 (NPS) RADIUS 协议信息泄露漏洞
CVE-2022-3786|OpenSSL:CVE-2022-3786 X.509 证书验证缓冲区溢出
CVE-2022-3602|OpenSSL:CVE-2022-3602 X.509 证书验证缓冲区溢出
CVE-2022-38015|Windows Hyper-V 拒绝服务漏洞
CVE-2022-41120|Microsoft Windows Sysmon 特权提升漏洞
CVE-2022-41119|Visual Studio 远程代码执行漏洞
CVE-2022-39253|GitHub:CVE-2022-39253 本地克隆优化默认取消引用符号链接
CVE-2022-41093|Windows 高级本地过程调用 (ALPC) 特权提升漏洞
CVE-2022-41045|Windows 高级本地过程调用 (ALPC) 特权提升漏洞
CVE-2022-41100|Windows 高级本地过程调用 (ALPC) 特权提升漏洞
CVE-2022-41114|Windows 绑定筛选器驱动程序特权提升漏洞
CVE-2022-41099|BitLocker 安全功能绕过漏洞
CVE-2022-41125|Windows CNG 密钥隔离服务提权漏洞
CVE-2022-41055|Windows 人机界面设备信息泄露漏洞
CVE-2022-41095|Windows 数字媒体接收器特权提升漏
CVE-2022-41096|Microsoft DWM 核心库特权提升漏洞
CVE-2022-41050|Windows 可扩展文件分配表特权提升漏洞
CVE-2022-37992|Windows 组策略特权提升漏洞
CVE-2022-41086|Windows 组策略特权提升漏洞
CVE-2022-41057|Windows HTTP.sys 特权提升漏洞
CVE-2022-37966|Windows Kerberos RC4-HMAC 特权提升漏洞
CVE-2022-37967|Windows Kerberos 特权提升漏洞
CVE-2022-41049|Windows MOTW安全功能绕过漏洞
CVE-2022-41091|Windows MOTW安全功能绕过漏洞
CVE-2022-38023|Netlogon RPC 特权提升漏洞
CVE-2022-41047|Microsoft ODBC 驱动程序远程执行代码漏洞
CVE-2022-41048|Microsoft ODBC 驱动程序远程执行代码漏洞
CVE-2022-41102|Windows Overlay Filter特权提升漏洞
CVE-2022-41101|Windows Overlay Filter特权提升漏洞
CVE-2022-41044|Windows 点对点隧道协议远程代码执行漏洞
CVE-2022-41088|Windows 点对点隧道协议远程代码执行漏洞
CVE-2022-41116|Windows 点对点隧道协议拒绝服务漏洞
CVE-2022-41090|Windows 点对点隧道协议拒绝服务漏洞
CVE-2022-41039|Windows 点对点隧道协议远程代码执行漏洞
CVE-2022-41073|Windows 后台打印程序特权提升漏洞
CVE-2022-41054|Windows 弹性文件系统 (ReFS) 特权提升漏洞
CVE-2022-41128|Windows Scripting Languages远程代码执行漏洞
CVE-2022-41118|Windows Scripting Languages远程代码执行漏洞
CVE-2022-41098|Windows GDI+ 信息泄露漏洞
CVE-2022-41109|Windows Win32k 特权提升漏洞
CVE-2022-41092|Windows Win32k 特权提升漏洞
三、 漏洞描述
Windows MOTW安全功能绕过漏洞(CVE-2022-41091):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
存在 |
Windows MOTW组件中存在一处安全功能绕过漏洞(CVE-2022-41091),攻击者可通过构造特定的文件来利用这个漏洞,成功利用此漏洞可使被下载的文件绕过文件安全保护功能。
Windows打印机提权漏洞(CVE-2022-41073):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
存在 |
Windows打印机服务中存在一处特权提升漏洞(CVE-2022-41073),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM权限执行任意代码。
Windows CNG Key Isolation Service特权提升漏洞(CVE-2022-41125):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
存在 |
Windows CNG Key Isolation Service中存在一处特权提升漏洞(CVE-2022-41125),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM权限执行任意代码。
Windows Scripting Languages远程代码执行漏洞(CVE-2022-41128):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
存在 |
Windows Scripting Languages中存在一处远程代码执行漏洞(CVE-2022-41128),攻击者可以通过诱使用户访问特制的服务器共享或网站来利用此漏洞,成功利用此漏洞的攻击者可以执行任意代码。
Windows MOTW安全功能绕过漏洞(CVE-2022-41049):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Windows MOTW组件中存在一处安全功能绕过漏洞(CVE-2022-41049),攻击者可通过构造特定的文件来利用这个漏洞,成功利用此漏洞可使被下载的文件绕过文件安全保护功能。
Windows HTTP.sys特权提升漏洞(CVE-2022-41057):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Windows HTTP.sys中存在一处特权提升漏洞(CVE-2022-41057),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM权限执行任意代码。
Microsoft DWM Core Library特权提升漏洞(CVE-2022-41096):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Microsoft DWM Core Library中存在一处特权提升漏洞(CVE-2022-41096),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM权限执行任意代码。
Windows Win32k特权提升漏洞(CVE-2022-41109):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Windows Win32k中存在一处特权提升漏洞(CVE-2022-41109),本地攻击者可通过在目标系统上运行恶意程序来利用此漏洞,成功利用此漏洞可在目标系统上以SYSTEM权限执行任意代码。
Windows Win32内核子系统特权提升漏洞(CVE-2022-41113):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Windows Win32内核子系统中存在一处特权提升漏洞(CVE-2022-41113),具有管理列表权限的经过身份验证的攻击者可以在 SharePoint Server 上远程执行代码。
Windows Scripting Languages远程代码执行漏洞(CVE-2022-41118):
细节是否公开 |
POC状态 |
EXP状态 |
在野利用 |
否 |
未公开 |
未公开 |
未发现 |
Windows Scripting Languages中存在一处远程代码执行漏洞(CVE-2022-41118),攻击者可以通过诱使用户访问特制的服务器共享或网站来利用此漏洞,成功利用此漏洞的攻击者可以执行任意代码。
四、缓解措施
高危:目前漏洞细节虽未公开,但是恶意攻击者可以通过补丁对比方式分析出漏洞触发点,并进一步开发漏洞利用代码,Microsoft已发布相关安全更新,鉴于漏洞的严重性,建议受影响的用户尽快修复。
(一)Windows 更新:
自动更新:
Microsoft Update默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。
手动更新:
1、点击“开始菜单”或按Windows快捷键,点击进入“设置”。
2、选择“更新和安全”,进入“Windows更新”(Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通过控制面板进入“Windows更新”,具体步骤为“控制面板”->“系统和安全”->“Windows更新”)。
3、选择“检查更新”,等待系统将自动检查并下载可用更新。
4、重启计算机,安装更新系统重新启动后,可通过进入“Windows更新”->“查看更新历史记录”查看是否成功安装了更新。
(二)目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。
补丁获取:https://msrc.microsoft.com/update-guide/vulnerability
来源:微软官方