查看: 22118|回复: 0

Windows 内核权限提升漏洞安全通告

[复制链接]
匿名
匿名  发表于 2023-9-21 17:14:40 |阅读模式
CVE-2023-35359

Windows内核是Windows操作系统的核心组件,它是操作系统的底层部分,负责管理和协调计算机硬件和软件资源。
内核提供了操作系统的基本功能和服务,包括进程管理、内存管理、设备驱动程序、文件系统、网络通信等。

Windows 内核权限提升漏洞(CVE-2023-35359)细节、POC及EXP在互联网上公开:由于Windows发生未处理的异常时,程序将尝试唤醒Windows错误报告(WER)服务进行日志记录和分析。当唤醒失败时,故障程序将创建一个WerFault.exe子进程来收集程序特定的信息。当故障程序是模拟当前用户的特权进程时,可以使用伪造的DOS设备映射来劫持进程创建,并以高完整性执行任意代码,最终实现权限提升。

具有低权限的本地攻击者利用该漏洞,可以将权限提升至SYSTEM。

QQ20230921-171337@2x.jpg

影响的版本:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

指导单位

江苏省公安厅

江苏省通信管理局

浙江省台州刑侦支队

DEFCON GROUP 86025

旗下站点

邮箱系统

应急响应中心

红盟安全

联系我们

官方QQ群:112851260

官方邮箱:security#ihonker.org(#改成@)

官方核心成员

Archiver|手机版|小黑屋| ( 苏ICP备2021031567号 )

GMT+8, 2024-11-1 09:09 , Processed in 0.034166 second(s), 17 queries , Gzip On, MemCache On.

Powered by ihonker.com

Copyright © 2015-现在.

  • 返回顶部