关于Windows NTLM权限提升漏洞的风险提示

2023-02-16109

一、背景介绍

近日,市委网信办技术支撑单位监测发现微软发布了安全通告,修复Windows NTLM权限提升漏洞(CVE-2023-21746)。

1.1 漏洞描述

NTLM (NT LAN Manager)是telnet的一种验证身份方式,即问询/应答身份验证协议。Windows NTLM在进行身份验证时存在漏洞,允许拥有低权限的本地攻击者通过运行特制程序将权限提升至SYSTEM。

1.2 漏洞编号

CVE-2023-21746

1.3漏洞等级

高危


二、修复建议

2.1 受影响版本

Windows Server 2012 R2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2012 R2 (Server Core installation)

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

2.2 修复建议

建议将补丁安装至最新版本