查看: 6171|回复: 0

【风险通告】微软8月安全更新补丁

[复制链接]
匿名
匿名  发表于 2024-8-15 16:50:18 |阅读模式

微软官方发布了8月安全更新公告,包含了Windows TCP/IP、Windows Kernel、Windows Ancillary Function Driver for WinSock、Scripting Engine Memory、Windows Secure Channel等微软家族多个软件的安全更新补丁。请相关用户及时更新对应补丁修复漏洞。

01漏洞详情


1、本月存在6个在野0day漏洞,经研判,需要重点关注的在野0day漏洞如下:


· Windows内核特权提升漏洞(CVE-2024-38106)

· 脚本引擎内存损坏漏洞(CVE-2024-38178)

· Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38193)

2、本月披露漏洞中,被利用可能性较高的漏洞如下:


· Windows TCP/IP 远程代码执行漏洞(CVE-2024-38063)

· Windows内核特权提升漏洞(CVE-2024-38106)

· Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38141)

· 脚本引擎内存损坏漏洞(CVE-2024-38178)

· Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38193)

· Windows Common Log File System Driver特权提升漏洞(CVE-2024-38196)

· Kernel Streaming WOW Thunk 服务驱动程序特权提升漏洞(CVE-2024-38125)

· Kernel Streaming WOW Thunk 服务驱动程序特权提升漏洞(CVE-2024-38144)

· Microsoft DWM 核心库特权提升漏洞(CVE-2024-38147)

· Windows Secure Channel拒绝服务漏洞(CVE-2024-38148)

· Windows DWM 核心库特权提升漏洞(CVE-2024-38150)

3、本月披露漏洞中较为高危的漏洞如下:


· Azure Stack Hub 欺骗漏洞(CVE-2024-38108)

· Azure Health Bot 特权提升漏洞(CVE-2024-38109)

· Windows TCP/IP 远程代码执行漏洞(CVE-2024-38063)

· Windows Reliable Multicast Transport Driver (RMCAST)远程代码执行漏洞(CVE-2024-38140)

· Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38141)

· Windows Network Virtualization远程代码执行漏洞(CVE-2024-38159)

· Windows Network Virtualization远程代码执行漏洞(CVE-2024-38160)

· Windows Line Printer Daemon (LPD)服务远程代码执行漏洞(CVE-2024-38199)

· Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38193)


02

重点关注漏洞


1、Windows 内核特权提升漏洞(CVE-2024-38106)


漏洞类型

权限提升

CVSS3.1评分

7


CVE编号


CVE-2024-38106

安恒CERT编号


DM-202406-001570

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




2、脚本引擎内存损坏漏洞(CVE-2024-38178)

漏洞类型

远程代码执行


CVSS3.1评分

7.58


CVE编号


CVE-2024-38178

安恒CERT编号


DM-202406-00164265

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




3、Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38193)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38193

安恒CERT编号


DM-202406-001657

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




4、Windows TCP/IP 远程代码执行漏洞(CVE-2024-38063)

漏洞类型

远程代码执行


CVSS3.1评分

9.8


CVE编号


CVE-2024-38063

安恒CERT编号


DM-202406-001527

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




5、Windows Ancillary Function Driver for WinSock特权提升漏洞(CVE-2024-38141)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38141

安恒CERT编号


DM-202406-001605

影响主体
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows 11 Version 24H2 for x64-based Systems
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




6、Windows Common Log File System Driver特权提升漏洞(CVE-2024-38196)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38196

安恒CERT编号


DM-202406-001660

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




7、Kernel Streaming WOW Thunk 服务驱动程序特权提升漏洞(CVE-2024-38125)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38125

安恒CERT编号


DM-202406-001589

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




8、Kernel Streaming WOW Thunk 服务驱动程序特权提升漏洞(CVE-2024-38144)

漏洞类型

权限提升

CVSS3.1评分

8.8


CVE编号


CVE-2024-38144

安恒CERT编号


DM-202406-001608

影响主体

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




9、Microsoft DWM 核心库特权提升漏洞(CVE-2024-38147)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38147

安恒CERT编号


DM-202406-001611

影响主体

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




10、Windows Secure Channel拒绝服务漏洞(CVE-2024-38148)

漏洞类型

拒绝服务


CVSS3.1评分

7.8


CVE编号


CVE-2024-38148

安恒CERT编号


DM-202406-001612

影响主体

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




11、Windows DWM 核心库特权提升漏洞(CVE-2024-38150)

漏洞类型

权限提升

CVSS3.1评分

7.8


CVE编号


CVE-2024-38150

安恒CERT编号


DM-202406-001614

影响主体

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

CVSS向量

访问途径(AV)

本地


攻击复杂度(AC)




所需权限(PR)




用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




12、Azure Stack Hub 欺骗漏洞(CVE-2024-38108)

危害等级

严重

CVSS3.1评分

9.3


CVE编号


CVE-2024-38108

安恒CERT编号


DM-202406-001572

漏洞描述

Azure Stack Hub 是微软提供的一种混合云平台,它允许企业在自己的数据中心内运行 Azure 服务。Azure Stack Hub 存在身份欺骗漏洞,未经身份验证的攻击者可以通过诱导受害者在虚拟机的网页浏览器中加载恶意代码来利用此漏洞,从而使攻击者能够利用虚拟机的隐式身份。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

需要用户交互


影响范围 (S)


改变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38108

13、Windows Network Virtualization远程代码执行漏洞(CVE-2024-38159)

危害等级

严重

CVSS3.1评分

9.1


CVE编号


CVE-2024-38159

安恒CERT编号


DM-202406-001623

漏洞描述

Windows Network Virtualization 中存在远程代码执行漏洞,具备较高权限的攻击者可利用该漏洞实现 guest-to-host 逃逸。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

用户交互(UI)

不需要用户交互


影响范围 (S)


改变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38159

14、Windows Network Virtualization远程代码执行漏洞(CVE-2024-38160)

危害等级

严重

CVSS3.1评分

9.1


CVE编号


CVE-2024-38160

安恒CERT编号


DM-202406-001624

漏洞描述

Windows Network Virtualization 中存在远程代码执行漏洞,具备较高权限的攻击者可利用该漏洞实现 guest-to-host 逃逸。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)



用户交互(UI)

不需要用户交互


影响范围 (S)


改变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38160

15、Windows Line Printer Daemon (LPD)服务远程代码执行漏洞(CVE-2024-38199)

危害等级

严重

CVSS3.1评分

9.8


CVE编号


CVE-2024-38199

安恒CERT编号


DM-202406-001663

漏洞描述

Windows Line Printer Daemon Service 是 Windows 操作系统中的一个网络服务,它使用 Line Printer Remote (LPR)/Line Printer Daemon (LPD) 协议来处理网络打印任务,支持 Unix/Linux 系统与 Windows 系统之间的跨平台打印。 本次漏洞发生在 LPD 协议中,未通过身份验证的攻击者可通过网络向存在漏洞的 Windows Line Printer Daemon Service 发送特制的打印任务。成功利用该漏洞可在服务器上远程执行代码。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38199

16、Windows Reliable Multicast Transport Driver (RMCAST)远程代码执行漏洞(CVE-2024-38140)

危害等级

严重

CVSS3.1评分

9.8


CVE编号


CVE-2024-38140

安恒CERT编号


DM-202406-001604

漏洞描述

Windows Reliable Multicast Transport Driver (RMCAST) 是 Windows 操作系统中的一种网络驱动程序,它用于支持可靠的多播传输。未经身份验证的攻击者可通过 socket 向服务器上的 Windows Pragmatic General Multicast (PGM) 发送特制数据包来利用该漏洞,实现远程代码执行,且用户无需进行任何交互。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38140

17、Azure Health Bot 特权提升漏洞(CVE-2024-38109)

危害等级

严重

CVSS3.1评分

9.8


CVE编号


CVE-2024-38109

安恒CERT编号


DM-202406-001573

漏洞描述

Azure Health Bot 是 Microsoft 提供的一个基于云的服务,专门为医疗领域设计,用于创建和部署 AI 驱动的聊天机器人。Azure Health Bot 服务存在权限提升漏洞,经过身份验证的攻击者可利用 Azure Health Bot 服务端的 SSRF 漏洞,通过网络提升权限。

CVSS向量

访问途径(AV)

网络


攻击复杂度(AC)




所需权限(PR)

无需任何权限


用户交互(UI)

不需要用户交互


影响范围 (S)


不变


机密性影响 (C)





完整性影响 (I)




可用性影响 (A)




参考链接

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38109


1 1

03

修复方案

官方修复方案:

目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。补丁获取:https://msrc.microsoft.com/update-guide/vulnerability
Windows 更新:

自动更新:Microsoft Update默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。

手动更新:

1、点击“开始菜单”或按Windows快捷键,点击进入“设置”。

2、选择“更新和安全”,进入“Windows更新”(Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通过控制面板进入“Windows更新”,具体步骤为“控制面板”->“系统和安全”->“Windows更新”)。

3、选择“检查更新”,等待系统将自动检查并下载可用更新。

4、重启计算机,安装更新系统重新启动后,可通过进入“Windows更新”->“查看更新历史记录”查看是否成功安装了更新。

04

参考资料

https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug

回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

指导单位

江苏省公安厅

江苏省通信管理局

浙江省台州刑侦支队

DEFCON GROUP 86025

旗下站点

邮箱系统

应急响应中心

红盟安全

联系我们

官方QQ群:112851260

官方邮箱:security#ihonker.org(#改成@)

官方核心成员

Archiver|手机版|小黑屋| ( 苏ICP备2021031567号 )

GMT+8, 2024-12-21 20:03 , Processed in 0.025032 second(s), 12 queries , Gzip On, MemCache On.

Powered by ihonker.com

Copyright © 2015-现在.

  • 返回顶部