一、背景介绍
10月14日,市委网信办技术支撑单位监测到微软发布10月安全更新补丁,涉及多个高危漏洞(CVE-2021-38672、CVE-2021-40461、CVE-2021-40449、CVE-2021-36970、CVE-2021-26427、CVE-2021-40486、CVE-2021-40469)
1.1部分漏洞详细介绍:
1、CVE-2021-38672/CVE-2021-40461 Windows Hyper-V远程代码执行漏洞
Windows Hyper-V存在远程代码执行漏洞。在逻辑相邻的网络上具有低权限的攻击者可以利用该漏洞发送特制的请求并在目标系统上执行任意代码。利用该漏洞无需用户交互。
2、CVE-2021-40449 Win32k特权提升漏洞
Win32k中存在权限提升漏洞,该漏洞允许有低权限的攻击者在无需用户交互的情况下在目标主机上提升权限。利用该漏洞无需用户交互。
3、CVE-2021-36970 Windows Print Spooler欺骗漏洞
在 Windows打印后台服务中存在漏洞,攻击者可以利用该漏洞在目标主机上远程执行代码,利用该漏洞无需权限但需要用户交互。
4、CVE-2021-26427 Microsoft Exchange Server远程代码执行漏洞
经过身份验证的攻击者可通过相邻网络对受影响的Exchange服务器进行攻击,可在目标服务器端实现远程代码执行。
5、CVE-2021-40486 Microsoft Word远程执行代码漏洞
Microsoft Word存在漏洞,该漏洞允许攻击者在目标主机上远程执行代码,该漏洞利用需要用户交互,无需权限。预览窗格为攻击途径之一。
6、CVE-2021-40469 Windows DNS Server远程执行代码漏洞
在服务器配置为DNS服务器的情况下,攻击者可利用此漏洞实现在目标系统上以SYSTEM权限远程代码执行,且不需要用交互,目前漏洞细节已公开。
1.2漏洞编号
CVE-2021-38672、CVE-2021-40461、CVE-2021-40449、CVE-2021-36970、CVE-2021-26427、CVE-2021-40486、CVE-2021-40469
1.3漏洞等级
高危
二、修复建议
2.1受影响版本
CVE-2021-38672
Windows 11 for x64-based Systems
Windows Server 2022
Windows Server 2022 (Server Core installation)
CVE-2021-40461
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 11 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-40449
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-36970
Windows Server, version 2004 (Server Core installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (ServerCore installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows 11 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
CVE-2021-26427
Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2013 Cumulative Update 23
CVE-2021-40486
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Office Online Server
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
CVE-2021-40469
Windows Server, version 2004 (Server Core installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (ServerCore installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
2.2修复建议
目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护。
官方下载链接:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct