漏洞风险提示 | 微软5月补丁日多个高危安全漏洞
微软5月补丁日多个高危安全漏洞
5月10日,微软官方发布了本月的安全更新通告,对多个产品中的安全漏洞进行了修复:
https://msrc.microsoft.com/update-guide/releaseNote/2022-May
其中值得重点关注的可远程利用的服务端漏洞主要包括CVE-2022-26923 AD (Active Directory)域权限提升漏洞,CVE-2022-26925 Windows LSA 欺骗漏洞,CVE-2022-26937 Windows Network File System 远程代码执行漏洞。
漏洞描述
CVE-2022-26923 AD 域服务权限提升漏洞
当 AD证书服务在域上运行时,具有域普通用户权限的攻击者可通过在证书请求中包含精心构造的恶意数据来利用此漏洞,从而可权限提升至域管理员。AD 域内运行有证书服务是一种很常见的配置。目前该漏洞细节已被公开。
CVE-2022-26925 Windows LSA 欺骗漏洞
未经过身份验证的攻击者可调用 LSARPC 服务接口上的方法来利用此漏洞,从而可强制使 AD 域控服务器通过 NTLM 来认证攻击者。攻击者可将此漏洞与 NTLM Relay 攻击手法相结合,从而造成更严重的危害。
CVE-2022-26937 Windows Network File System 远程代码执行漏洞
CVE-2022-26937 是存在于 Windows Network File System 中的远程代码执行漏洞,远程且未经过授权的攻击者可通过发送恶意的 NFS 协议数据包来进行漏洞利用。这个漏洞只影响启用了 NFS 角色的 Windows 系统,且目前尚未有公开的细节和利用脚本。
影响范围
CVE | 影响系统范围 |
CVE-2022-26923 AD 域服务权限提升漏洞 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems "Windows Server Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2022-26925 Windows LSA 欺骗漏洞 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems "Windows Server Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2022-26937 Windows Network File System 远程代码执行漏洞 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 "Windows Server Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
解决方案
微软官方已发布相应的补丁修复漏洞,Windows 系统用户可通过默认开启的安全更新检查进行漏洞修复更新,也可以访问以下链接手动安装相关的漏洞补丁:
https://msrc.microsoft.com/update-guide/releaseNote/2022-May参考资料
https://msrc.microsoft.com/update-guide/releaseNote/2022-May