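[Security Advisory] December 2021 Microsoft "Patch Tuesday": High-Risk Vulnerabilities in Multiple Products

Author: 嘉和数码  Published: 2021-12-27 11:32:40

Dear Tencent Cloud user,

The Tencent Cloud Security Operations Center has observed that Microsoft released its regular security update bulletin for December 2021. It covers 67 vulnerabilities, of which 7 are rated Critical and 60 are rated Important. The release includes security updates for Windows, ASP.NET, Visual Studio, Azure, Defender for IoT, Microsoft Office, SharePoint Server, PowerShell, Remote Desktop Client, Windows Hyper-V, Windows Mobile Device Management, Windows Remote Access Connection Manager and other software.

To keep your business from being affected, Tencent Cloud Security recommends that you promptly carry out a security self-check and, if you are within the affected scope, apply the updates in good time to avoid intrusion by external attackers.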

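Vulnerability details

The following vulnerabilities in this bulletin deserve particular attention:
CVE-2021-43215 (iSNS Server remote code execution vulnerability):
CVSS score 9.8, Critical. iSNS is a protocol that supports automatic discovery and management of iSCSI devices on a TCP/IP storage network. The vulnerability is a bug in the Internet Storage Name Service (iSNS) server that may allow remote code execution if an attacker sends a specially crafted request to an affected server.

CVE-2021-43217 (Windows Encrypting File System (EFS) remote code execution vulnerability):
CVSS score 8.1, high risk. According to the vendor, exploitation is less likely.
An attacker who exploits the vulnerability may cause a buffer overflow write, leading to unauthenticated, non-sandboxed code execution. The vulnerability can be exploited even when EFS is not in use: if the EFS service is not already running, the EFS interface triggers it to start.

Other vulnerabilities in the bulletin that need attention:
CVE-2021-43890 (Windows AppX Installer spoofing vulnerability):
CVSS score 7.1, high risk. According to the vendor, details of the vulnerability have been made public and it is being actively exploited by botnet operators.
The vulnerability can be exploited remotely by an attacker with low user privileges and requires tricking the user into an interaction. The attacker can craft a malicious attachment for use in a phishing campaign and must then convince the user to open the specially crafted attachment. The Emotet/Trickbot/Bazaloader malware families have actively exploited this vulnerability.

CVE-2021-43240 (NTFS Set Short Name elevation of privilege vulnerability):
CVSS score 7.8, high risk. No in-the-wild exploitation has been observed. Microsoft's assessment is that exploitation is less likely.

CVE-2021-41333 (Windows Print Spooler elevation of privilege vulnerability):
CVSS score 7.8, high risk. Information about the vulnerability has been disclosed, and Microsoft's assessment is "exploitation more likely".

CVE-2021-43883 (Windows Installer elevation of privilege vulnerability):
CVSS score 7.8, high risk. According to the vendor, in-the-wild exploitation has been observed.
The vulnerability was discovered by security researcher Abdelhamid Naceri, who, after examining Microsoft's fix, found a patch bypass and a more powerful new zero-day elevation of privilege vulnerability. Naceri published a POC/EXP for the new zero-day on GitHub, explaining that it works on all supported Windows versions.

CVE-2021-43893 (Windows Encrypting File System (EFS) elevation of privilege vulnerability):
CVSS score 7.5, high risk. Information about the vulnerability has been made public, and Microsoft's assessment is "exploitation less likely".

CVE-2021-43880 (Windows Mobile Device Management elevation of privilege vulnerability):
CVSS score 5.5, medium risk. An attacker who exploits the vulnerability can obtain SYSTEM privileges. MDM is mobile device management on Windows. The Windows management component has two parts: the enrollment client, which enrolls and configures the device to communicate with the enterprise management server, and the management client, which periodically synchronizes with the management server to check for updates and apply the latest policies set by IT.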


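Risk level

High risk

Vulnerability risk

An attacker who exploits this vulnerability can cause remote code execution and other harm.

Affected versions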

CVE-2021-43215:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems

CVE-2021-43217:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems

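For details of other affected versions, see the official bulletin.

Secure version

Microsoft's latest patches for December 2021

Remediation advice

The vendor has released patches and fixed versions. Assess whether your business is affected, then upgrade to a secure version as appropriate.

[Note]: Back up your data before upgrading to avoid unexpected problems.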
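
A read-only self-check for the two highlighted CVEs, added here as an example; it is not part of the original advisory or of Microsoft's tooling. Assumptions: the December 2021 updates were released on 2021-12-14, the iSNS Server feature is named `ISNS`, and the function name `Get-Dec2021PatchExposure` is hypothetical.

```powershell
function Get-Dec2021PatchExposure {
    [CmdletBinding()]
    param(
        # Assumed release date of the December 2021 security updates.
        [datetime]$Cutoff = [datetime]'2021-12-14'
    )

    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    # CVE-2021-43215 is a bug in the iSNS Server service, so record whether
    # that feature is installed. Get-WindowsFeature exists only on Windows Server.
    $isns = 'n/a (cmdlet not available)'
    if (Get-Command Get-WindowsFeature -ErrorAction SilentlyContinue) {
        # 'ISNS' is the assumed feature name for the iSNS Server service.
        $f = Get-WindowsFeature -Name 'ISNS' -ErrorAction SilentlyContinue
        $isns = if ($f -and $f.Installed) { 'installed' } else { 'not installed' }
    }

    # CVE-2021-43217: the advisory notes that EFS does not have to be in use
    # or running, so the service state is informational only.
    $efs = Get-Service -Name 'EFS' -ErrorAction SilentlyContinue

    # Coarse patch indicator: the newest hotfix that has an install date.
    # It does not prove that the security update itself is present.
    $latest = Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1

    [pscustomobject]@{
        Computer           = $env:COMPUTERNAME
        OS                 = $os.Caption
        Build              = $os.Version
        IsnsServer         = $isns
        EfsServiceStatus   = if ($efs) { $efs.Status } else { 'not found' }
        LatestHotFix       = $latest.HotFixID
        LatestInstalledOn  = $latest.InstalledOn
        UpdatedSinceCutoff = [bool]($latest -and $latest.InstalledOn -ge $Cutoff)
    }
}

Get-Dec2021PatchExposure | Format-List
```

A host reporting `UpdatedSinceCutoff = False` should be checked against the KB listed for its build in the MSRC references below; a host with `IsnsServer = installed` is the one to patch first for CVE-2021-43215.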

References

https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43890
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43240
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41333
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43883
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43893
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43880