今天是
今日新发布通知公告0条 | 上传规范

2024年5月网络安全风险提示

来源:   发布日期:2024-05-23

【漏洞信息】

  微软公司近日发布了2024年5月份安全更新公告,包含了Windows DWM 核心库、Windows MSHTML、Windows Common Log File System Driver和Microsoft SharePoint Server等微软家族多个软件的安全更新补丁。利用上述漏洞,攻击者可进行欺骗,绕过安全功能限制,获取敏感信息,提升权限,执行远程代码,或发起拒绝服务攻击等。我中心提醒全校师生用户尽快下载补丁更新,避免引发漏洞相关的网络安全事件。

  根据公告,此次更新中修复的Windows DWM 核心库特权提升漏洞(CVE-2024-30051)、Windows MSHTML平台安全功能绕过漏洞(CVE-2024-30040)、Windows Common Log File System Driver特权提升漏洞(CVE-2024-30025)、Windows DWM 核心库特权提升漏洞(CVE-2024-30032)、Windows DWM核心库特权提升漏洞(CVE-2024-30035)、Windows Common Log File System Driver特权提升漏洞(CVE-2024-30037)和Microsoft SharePoint Server远程代码执行漏洞(CVE-2024-30044)风险较大。建议尽快安装安全更新补丁或采取临时缓解措施加固系统。

 

CVE编号

漏洞名称

危害等级

漏洞处置等级

CVE-2024-30051

Windows DWM 核心库特权提升漏洞

高危

2级

CVE-2024-30040

Windows MSHTML平台安全功能绕过漏洞

高危

2级

CVE-2024-30025

Windows Common Log File System Driver特权提升漏洞

高危

2级

CVE-2024-30032

Windows DWM 核心库特权提升漏洞

高危

2级

CVE-2024-30035

Windows DWM核心库特权提升漏洞

高危

2级

CVE-2024-30037

Windows Common Log File System Driver特权提升漏洞

高危

2级

CVE-2024-30044

Microsoft SharePoint Server远程代码执行漏洞

高危

2级

【重点关注漏洞】

  1Windows DWM核心库特权提升漏洞(CVE-2024-30051

漏洞类型

权限提升

CVSS3.1评分

7.8

POC情况

已发现

EXP情况

已发现

在野利用情况

已发现

研究情况

已发现

影响主体




Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)




CVSS向量




访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  2Windows MSHTML平台安全功能绕过漏洞(CVE-2024-30040

漏洞类型

安全特性绕过

CVSS3.1评分

8.8

POC情况

未发现

EXP情况

未发现

在野利用情况

已发现

研究情况

分析中

影响版本




Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)




CVSS向量




访问途径(AV

网络

攻击复杂度(AC

所需权限(PR

无需任何权限

用户交互(UI

需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  3Windows Common Log File System Driver特权提升漏洞(CVE-2024-30025)

漏洞类型

权限提升

CVSS3.1评分

7.8

POC情况

未发现

EXP情况

未发现

在野利用情况

未发现

研究情况

分析中

影响版本




Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)




CVSS向量




访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  4Windows DWM 核心库特权提升漏洞(CVE-2024-30032

漏洞类型

权限提升

CVSS3.1评分

7.8

POC情况

未发现

EXP情况

未发现

在野利用情况

未发现

研究情况

分析中

影响版本




Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量




访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  5Windows DWM 核心库特权提升漏洞(CVE-2024-30035

漏洞类型

权限提升

CVSS3.1评分

7.8

POC情况

未发现

EXP情况

未发现

在野利用情况

未发现

研究情况

分析中

影响版本




Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量




访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  6Windows Common Log File System Driver特权提升漏洞(CVE-2024-30037

漏洞类型

权限提升

CVSS3.1评分

7.8

POC情况

未发现

EXP情况

未发现

在野利用情况

未发现

研究情况

分析中

影响版本




Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量




访问途径(AV

本地

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A





  7Microsoft SharePoint Server远程代码执行漏洞(CVE-2024-30044)

漏洞类型

远程代码执行

CVSS3.1评分

7.8

POC情况

未发现

EXP情况

未发现

在野利用情况

未发现

研究情况

分析中

影响版本




Microsoft SharePoint Enterprise Server 2016

Microsoft SharePoint Server 2019

Microsoft SharePoint Server Subscription Edition

CVSS向量




访问途径(AV

网络

攻击复杂度(AC

所需权限(PR

用户交互(UI

不需要用户交互

影响范围(S

不变

机密性影响(C

完整性影响(I

可用性影响(A

【修复方案】

  官方修复方案:

  目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。补丁获取:https://msrc.microsoft.com/update-guide/vulnerability
  Windows 更新:

  自动更新:Microsoft Update默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。

  手动更新:

  1、点击“开始菜单”或按Windows快捷键,点击进入“设置”。

  2、选择“更新和安全”,进入“Windows更新”(Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通过控制面板进入“Windows更新”,具体步骤为“控制面板”->“系统和安全”->“Windows更新”)。

  3、选择“检查更新”,等待系统将自动检查并下载可用更新。

  4、重启计算机,安装更新系统重新启动后,可通过进入“Windows更新”->“查看更新历史记录”查看是否成功安装了更新。


【参考资料】

  https://msrc.microsoft.com/update-guide/releaseNote/2024-May


网络信息技术中心

2024年5月23日



Baidu
map