腾讯云安全运营中心监测到, 微软发布了2021年12月的例行安全更新公告,共涉及漏洞数67个,其中严重级别漏洞7个,重要级别60个。本次发布涉及Windows、ASP.NET、Visual Studio、Azure、Defender for IoT、Microsoft Office、SharePoint Server、PowerShell、Remote Desktop Client、Windows Hyper-V、Windows Mobile Device Management、Windows Remote Access Connection Manager等多个软件的安全更新。
为避免您的业务受影响,腾讯云安全建议您及时开展安全自查,如在受影响范围,请您及时进行更新修复,避免被外部攻击者入侵。
漏洞详情
· 在此次公告中以下漏洞需要重点关注:
CVE-2021-43215(iSNS 服务器远程代码执行漏洞): CVSS评分9.8,为严重漏洞,iSNS 是一种协议,它支持在 TCP/IP 存储网络上自动发现和管理 iSCSI 设备。该漏洞为 Internet 存储名称服务 (iSNS) 服务器中的一个错误,如果攻击者向受影响的服务器发送特制请求,该错误可能允许远程执行代码。 CVE-2021-43217(Windows 加密文件系统 (EFS) 远程代码执行漏洞): CVSS评分8.1,高风险,据官方描述不太可能被利用。 攻击者利用漏洞可能导致缓冲区溢出写入,从而导致未经身份验证的非沙盒代码执行。该漏洞不需要使用 EFS 也可利用,如果 EFS 服务尚未运行,EFS 接口会触发它启动。 · 公告其他需关注的漏洞: CVE-2021-43890(Windows AppX 安装程序欺骗漏洞): CVSS评分7.1,高风险,据官方描述漏洞详情已被公开,已被僵尸网络攻击者积极利用。 该漏洞可以被低用户权限的攻击者远程利用,需要欺骗用户进行交互操作实现攻击。攻击者可以制作恶意附件用于网络钓鱼活动。然后攻击者必须说服用户打开特制的附件,Emotet/Trickbot/Bazaloader 恶意软件家族积极利用了该漏洞。 CVE-2021-43240(NTFS 设置短名称特权提升漏洞): CVSS评分7.8,高风险,未发现在野利用。微软风险评估为不太可能利用。 CVE-2021-41333(Windows 打印后台处理程序特权提升漏洞): CVSS评分7.8,高风险,漏洞信息已披露,微软风险评估为“有可能被利用”。 CVE-2021-43883(Windows 安装程序特权提升漏洞): CVSS评分7.8,高风险,据官方描述已发现存在在野利用。 该漏洞是安全研究员 Abdelhamid Naceri发现的,他在检查微软的修复后发现了一个绕过补丁和一个更强大的新0day特权提升漏洞。Naceri 在GitHub上发布了新0day漏洞的POC/EXP,解释说适用于所有受支持的 Windows 版本。 CVE-2021-43893(Windows 加密文件系统 (EFS) 特权提升漏洞): CVSS评分7.5,高风险,漏洞信息已公开,微软风险评估为“不太可能被利用” CVE-2021-43880(Windows Mobile 设备管理特权提升漏洞): CVSS评分5.5,中风险,攻击者利用漏洞可获取SYSTEM权限。MDM是Windows 上的移动设备管理,Windows 管理组件有两个部分:注册客户端,用于注册和配置设备以与企业管理服务器通信;管理客户端,它定期与管理服务器同步以检查更新并应用IT设置的最新策略。
风险等级
高风险
漏洞风险
攻击者利用该漏洞可导致远程代码执行等危害
影响版本
CVE-2021-43215: Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-43217: Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems 其他影响版本详情请参考官方公告
安全版本
微软2021年12月最新补丁
修复建议
官方已发布漏洞补丁及修复版本,请评估业务是否受影响后,酌情升级至安全版本。
【备注】:建议您在升级前做好数据备份工作,避免出现意外
漏洞参考:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43890 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43240 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41333 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43883 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43893
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43880
END
更多精彩内容点击下方扫码关注哦~
云鼎实验室视频号
一分钟走进趣味科技
-扫码关注我们-
关注云鼎实验室,获取更多安全情报