一、漏洞概述
7月12日,绿盟科技CERT监测到微软发布7月安全更新补丁,修复了132个安全问题,涉及Microsoft SharePoint Server、Windows Pragmatic General Multicast (PGM)、Windows MSHTML、Microsoft Outlook、Windows SmartScreen等广泛使用的产品,其中包括权限提升、远程代码执行等高危漏洞类型。同时需要关注的是已有恶意行为者使用Microsoft签名驱动程序进行恶意活动的在野利用事件,编号为ADV230001。
本月微软月度更新修复的漏洞中,严重程度为关键(Critical)的漏洞有9个,重要(Important)漏洞有122个。其中包括6个已检测到在野利用的漏洞:
Windows MSHTML平台特权提升漏洞(CVE-2023-32046)
Windows SmartScreen安全功能绕过漏洞(CVE-2023-32049)
Windows Error Reporting Service特权提升漏洞(CVE-2023-36874)
Office and Windows HTML远程代码执行漏洞(CVE-2023-36884)
Microsoft Outlook安全功能绕过漏洞(CVE-2023-35311)
ADV230001-Microsoft签名驱动程序被恶意使用
请相关用户尽快更新补丁进行防护,完整漏洞列表请参考附录。
参考链接:
https://msrc.microsoft.com/update-guide/releaseNote/2023-Jul
二、重点漏洞简述
根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞,请相关用户重点进行关注:
Windows MSHTML平台特权提升漏洞(CVE-2023-32046):
Windows MSHTML平台中存在特权提升漏洞,攻击者可通过向用户发送特制的恶意文件或包含恶意文件的恶意网站来利用该漏洞,当成功诱使用户在受影响的系统上下载并打开特制恶意文件后,成功利用该漏洞的攻击者可获取管理员权限。目前已监测到该漏洞存在在野利用,CVSS评分7.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046
Windows SmartScreen安全功能绕过漏洞(CVE-2023-32049):
Windows SmartScreen中存在安全功能绕过漏洞,未经身份验证的远程攻击者通过诱导用户单击特制的恶意URL利用该漏洞,对目标系统进行攻击。成功利用该漏洞的攻击者能够绕过“打开文件-安全警告”提示。目前已监测到该漏洞存在在野利用,CVSS评分为8.8。
官方链接通告:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049
Windows Error Reporting Service特权提升漏洞(CVE-2023-36874):
Windows Error Reporting Service中存在特权提升漏洞,具有低权限且能够在系统上创建文件夹和性能跟踪的本地攻击者成功利用该漏洞可获的管理员权限,且无需用户交互。目前已监测到该漏洞存在在野利用,CVSS评分为7.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874
Office and Windows HTML远程代码执行漏洞(CVE-2023-36884):
攻击者可通过特制的Microsoft Office文档,当成功诱使用户在受影响系统上打开特制恶意文件后,未经身份验证的远程攻击者可利用该漏洞在目标系统上执行任意代码。目前该漏洞已被公开披露,且存在在野利用,CVSS评分为8.3。目前暂未发布针对此漏洞的安全更新,请相关用户持续关注。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884
Microsoft Outlook安全功能绕过漏洞(CVE-2023-35311):
Microsoft Outlook中存在安全功能绕过漏洞,未经身份验证的远程攻击者通过诱导用户单击特制的恶意URL利用该漏洞,对目标系统进行攻击。成功利用该漏洞的攻击者能够绕过Microsoft Outlook 安全通知提示,且预览窗格也是攻击媒介。目前已监测到该漏洞存在在野利用,CVSS评分为8.8。
官方链接通告:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311
Microsoft SharePoint Server远程代码执行漏洞(CVE-2023-33157):
Microsoft SharePoint服务器存在远程代码执行漏洞,经过身份验证且具有ManageList 权限的攻击者通过利用该漏洞,最终可实现在目标服务器上执行任意代码,CVSS评分为8.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157
Microsoft Message Queuing 远程代码执行漏洞(CVE-2023-32057):
Windows消息队列服务是一个Windows组件,需要系统启用该组件才能利用此漏洞,该组件可以通过控制面板添加。Microsoft Message Queuing中存在远程代码执行漏洞,未经身份验证的远程攻击者通过向MSMQ服务器发送特制的恶意MSMQ数据包触发此漏洞,最终实现在服务器端远程代码执行,且无需用户交互。CVSS评分 9.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057
Windows Routing and Remote Access Service (RRAS) 远程代码执行漏洞(CVE-2023-35367/CVE-2023-35366/CVE-2023-35365):
Windows Routing and Remote Access Service (RRAS)中存在远程代码执行漏洞。在开启RRAS功能的情况下,未经身份验证的远程攻击者可通过向目标服务器发送特制的数据包来利用该漏洞,最终实现在目标服务器上远程执行代码。CVSS评分9.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35366
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35365
ADV230001-Microsoft签名驱动程序被恶意使用
Microsoft最近获悉,Microsoft Windows硬件开发者计划(MWHDP)认证的驱动程序被恶意使用。已知的攻击中,攻击者在使用驱动程序之前就已经获得了受感染系统的管理权限。调查显示,Microsoft合作伙伴中心(MPC)的多个开发人员帐户参与了提交恶意驱动程序以获取Microsoft签名的活动,目前涉及此事件的开发者账户已被禁用,并对所有报告的恶意驱动程序实施了拦截检测,以帮助保护客户免受这种威胁。
官方链接通告:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV230001
三、影响范围
以下为部分重点关注漏洞的受影响产品版本,其他漏洞影响产品范围请参阅官方通告链接。
| 漏洞编号 | 受影响产品版本 |
| CVE-2023-32046
CVE-2023-36874 CVE-2023-32057 CVE-2023-35367 CVE-2023-35366 CVE-2023-35365 |
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2023-32049 | Windows Server 2016 (Server Core installation)
Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
| CVE-2023-36884 | Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2016 (64-bit edition) Microsoft Word 2016 (32-bit edition) Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office 2019 for 64-bit editions Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Microsoft Office 2019 for 32-bit editions Windows Server 2012 R2 (Server Core installation) |
| CVE-2023-35311 | Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC 2021 for 32-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 (64-bit editions) Microsoft Outlook 2013 (32-bit editions) Microsoft Outlook 2016 (64-bit edition) Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2016 (32-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions |
| CVE-2023-33157 | Microsoft SharePoint Server Subscription Edition
Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 |
四、漏洞防护
- 补丁更新
目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护,官方下载链接:
https://msrc.microsoft.com/update-guide/releaseNote/2023-Jul
注:由于网络问题、计算机环境问题等原因,Windows Update的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。
右键点击Windows图标,选择“设置(N)”,选择“更新和安全”-“Windows更新”,查看该页面上的提示信息,也可点击“查看更新历史记录”查看历史更新情况。
针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面,建议用户点击该页面上的链接,转到“Microsoft更新目录”网站下载独立程序包并安装。
附录:漏洞列表
| 影响产品 | CVE编号 | 漏洞标题 | 严重程度 |
| Microsoft Office SharePoint | CVE-2023-33160 | Microsoft SharePoint远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2023-33157 | Microsoft SharePoint远程执行代码漏洞 | Critical |
| Windows Layer-2 Bridge Network Driver | CVE-2023-35315 | Windows Layer-2 Bridge Network Driver远程执行代码漏洞 | Critical |
| Windows Message Queuing | CVE-2023-32057 | Microsoft Message Queuing远程执行代码漏洞 | Critical |
| Windows PGM | CVE-2023-35297 | Windows Pragmatic General Multicast (PGM)远程代码执行漏洞 | Critical |
| Windows Remote Desktop | CVE-2023-35352 | Windows 远程桌面安全功能绕过漏洞 | Critical |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS)远程执行代码漏洞 | Critical |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS)远程执行代码漏洞 | Critical |
| Windows Routing and Remote Access Service (RRAS) | CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS)远程执行代码漏洞 | Critical |
| .NET and Visual Studio | CVE-2023-33127 | .NET 和 Visual Studio 特权提升漏洞 | Important |
| ASP.NET and Visual Studio | CVE-2023-33170 | ASP.NET 和 Visual Studio 安全功能绕过漏洞 | Important |
| Azure Active Directory | CVE-2023-36871 | Azure 活动目录安全功能绕过漏洞 | Important |
| Azure Active Directory | CVE-2023-35348 | 活动目录联合身份验证服务安全功能绕过漏洞 | Important |
| Microsoft Dynamics | CVE-2023-33171 | Microsoft Dynamics 365(本地)跨站点脚本漏洞 | Important |
| Microsoft Dynamics | CVE-2023-35335 | Microsoft Dynamics 365(本地)跨站点脚本漏洞 | Important |
| Microsoft Graphics Component | CVE-2023-33149 | Microsoft Office 图形远程执行代码漏洞 | Important |
| Microsoft Graphics Component | CVE-2023-21756 | Windows Win32k 特权提升漏洞 | Important |
| Microsoft Media-Wiki Extensions | CVE-2023-35333 | MediaWiki PandocUpload Extension 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2023-33148 | Microsoft Office 特权提升漏洞 | Important |
| Microsoft Office | CVE-2023-36884 | Office 和 Windows HTML 远程执行代码漏洞 | Important |
| Microsoft Office | CVE-2023-33150 | Microsoft Office 安全功能绕过漏洞 | Important |
| Microsoft Office Access | CVE-2023-33152 | Microsoft ActiveX 远程执行代码漏洞 | Important |
| Microsoft Office Excel | CVE-2023-33158 | Microsoft Excel 远程执行代码漏洞 | Important |
| Microsoft Office Excel | CVE-2023-33161 | Microsoft Excel 远程执行代码漏洞 | Important |
| Microsoft Office Excel | CVE-2023-33162 | Microsoft Excel 信息泄露漏洞 | Important |
| Microsoft Office Outlook | CVE-2023-33151 | Microsoft Office Outlook欺骗漏洞 | Important |
| Microsoft Office Outlook | CVE-2023-33153 | Microsoft Outlook 远程执行代码漏洞 | Important |
| Microsoft Office Outlook | CVE-2023-35311 | Microsoft Outlook 安全功能绕过漏洞 | Important |
| Microsoft Office SharePoint | CVE-2023-33134 | Microsoft SharePoint远程代码执行漏洞 | Important |
| Microsoft Office SharePoint | CVE-2023-33165 | Microsoft SharePoint安全功能绕过漏洞 | Important |
| Microsoft Office SharePoint | CVE-2023-33159 | Microsoft SharePoint 服务器欺骗漏洞 | Important |
| Microsoft Power Apps | CVE-2023-32052 | Microsoft Power Apps 欺骗漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-32085 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-35302 | Microsoft PostScript 和 PCL6 类打印机驱动程序远程执行代码漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-35296 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-35324 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-32040 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-35306 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Printer Drivers | CVE-2023-32039 | Microsoft PostScript 和 PCL6 类打印机驱动程序信息泄露漏洞 | Important |
| Microsoft Windows Codecs Library | CVE-2023-35303 | USB 音频类系统驱动程序远程执行代码漏洞 | Important |
| Microsoft Windows Codecs Library | CVE-2023-36872 | VP9 视频扩展信息泄露漏洞 | Important |
| Microsoft Windows Codecs Library | CVE-2023-32051 | 原始图像扩展远程执行代码漏洞 | Important |
| Mono Authenticode | CVE-2023-35373 | 单声道验证码验证欺骗漏洞 | Important |
| Paint 3D | CVE-2023-35374 | 画图 3D 远程执行代码漏洞 | Important |
| Paint 3D | CVE-2023-32047 | 画图 3D 远程执行代码漏洞 | Important |
| Role: DNS Server | CVE-2023-35310 | Windows DNS 服务器远程执行代码漏洞 | Important |
| Role: DNS Server | CVE-2023-35346 | Windows DNS 服务器远程执行代码漏洞 | Important |
| Role: DNS Server | CVE-2023-35345 | Windows DNS 服务器远程执行代码漏洞 | Important |
| Role: DNS Server | CVE-2023-35344 | Windows DNS 服务器远程执行代码漏洞 | Important |
| Service Fabric | CVE-2023-36868 | Windows 上的 Azure Service Fabric 信息泄露漏洞 | Important |
| Visual Studio Code | CVE-2023-36867 | Visual Studio Code GitHub 拉取请求和问题扩展远程执行代码漏洞 | Important |
| Windows Active Directory Certificate Services | CVE-2023-35351 | Windows Active Directory 证书服务 (AD CS) 远程执行代码漏洞 | Important |
| Windows Active Directory Certificate Services | CVE-2023-35350 | Windows Active Directory 证书服务 (AD CS) 远程执行代码漏洞 | Important |
| Windows Active Template Library | CVE-2023-32055 | 活动模板库特权提升漏洞 | Important |
| Windows Admin Center | CVE-2023-29347 | Windows 管理中心欺骗漏洞 | Important |
| Windows App Store | CVE-2023-35347 | Microsoft 安装服务特权提升漏洞 | Important |
| Windows Authentication Methods | CVE-2023-35329 | Windows 身份验证拒绝服务漏洞 | Important |
| Windows CDP User Components | CVE-2023-35326 | Windows CDP 用户组件信息泄露漏洞 | Important |
| Windows Clip Service | CVE-2023-35362 | Windows 剪辑服务特权提升漏洞 | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2023-33155 | Windows 云文件微型筛选器驱动程序特权提升漏洞 | Important |
| Windows Cluster Server | CVE-2023-32033 | Microsoft 故障转移群集远程执行代码漏洞 | Important |
| Windows CNG Key Isolation Service | CVE-2023-35340 | Windows CNG 密钥隔离服务特权提升漏洞 | Important |
| Windows Common Log File System Driver | CVE-2023-35299 | Windows 常见日志文件系统驱动程序特权提升漏洞 | Important |
| Windows Connected User Experiences and Telemetry | CVE-2023-35320 | 连接的用户体验和遥测特权提升漏洞 | Important |
| Windows Connected User Experiences and Telemetry | CVE-2023-35353 | 连接的用户体验和遥测特权提升漏洞 | Important |
| Windows CryptoAPI | CVE-2023-35339 | Windows CryptoAPI 拒绝服务漏洞 | Important |
| Windows Cryptographic Services | CVE-2023-33174 | Windows 加密信息泄露漏洞 | Important |
| Windows Defender | CVE-2023-33156 | Microsoft 防御者特权提升漏洞 | Important |
| Windows Deployment Services | CVE-2023-35322 | Windows 部署服务远程执行代码漏洞 | Important |
| Windows Deployment Services | CVE-2023-35321 | Windows 部署服务拒绝服务漏洞 | Important |
| Windows EFI Partition | ADV230002 | Microsoft解决趋势科技 EFI 模块中安全功能绕过问题的指南 | Important |
| Windows Error Reporting | CVE-2023-36874 | Windows Error Reporting Service特权提升漏洞 | Important |
| Windows Failover Cluster | CVE-2023-32083 | Microsoft故障转移群集信息泄露漏洞 | Important |
| Windows Geolocation Service | CVE-2023-35343 | Windows 地理定位服务远程执行代码漏洞 | Important |
| Windows HTTP.sys | CVE-2023-32084 | HTTP.sys拒绝服务漏洞 | Important |
| Windows HTTP.sys | CVE-2023-35298 | HTTP.sys拒绝服务漏洞 | Important |
| Windows Image Acquisition | CVE-2023-35342 | Windows 图像采集特权提升漏洞 | Important |
| Windows Installer | CVE-2023-32053 | Windows 安装程序特权提升漏洞 | Important |
| Windows Installer | CVE-2023-32050 | Windows 安装程序特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35304 | Windows 内核特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35363 | Windows 内核特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35305 | Windows 内核特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35356 | Windows 内核特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35357 | Windows 内核特权提升漏洞 | Important |
| Windows Kernel | CVE-2023-35358 | Windows 内核特权提升漏洞 | Important |
| Windows Layer 2 Tunneling Protocol | CVE-2023-32037 | Windows 第 2 层桥接网络驱动程序信息泄露漏洞 | Important |
| Windows Local Security Authority (LSA) | CVE-2023-35331 | Windows 本地安全机构 (LSA) 拒绝服务漏洞 | Important |
| Windows Media | CVE-2023-35341 | Microsoft 直接音乐信息泄露漏洞 | Important |
| Windows Message Queuing | CVE-2023-35309 | Windows Message Queuing远程执行代码漏洞 | Important |
| Windows Message Queuing | CVE-2023-32045 | Windows Message Queuing拒绝服务漏洞 | Important |
| Windows Message Queuing | CVE-2023-32044 | Windows Message Queuing拒绝服务漏洞 | Important |
| Windows MSHTML Platform | CVE-2023-32046 | Windows MSHTML 平台特权提升漏洞 | Important |
| Windows MSHTML Platform | CVE-2023-35336 | Windows MSHTML 平台安全功能绕过漏洞 | Important |
| Windows MSHTML Platform | CVE-2023-35308 | Windows MSHTML 平台安全功能绕过漏洞 | Important |
| Windows Netlogon | CVE-2023-21526 | Windows Netlogon Information Disclosure 漏洞 | Important |
| Windows Network Load Balancing | CVE-2023-33163 | Windows 网络负载平衡远程执行代码漏洞 | Important |
| Windows NT OS Kernel | CVE-2023-35361 | Windows 内核特权提升漏洞 | Important |
| Windows NT OS Kernel | CVE-2023-35364 | Windows 内核特权提升漏洞 | Important |
| Windows NT OS Kernel | CVE-2023-35360 | Windows 内核特权提升漏洞 | Important |
| Windows ODBC Driver | CVE-2023-32038 | Microsoft ODBC 驱动程序远程执行代码漏洞 | Important |
| Windows OLE | CVE-2023-32042 | OLE 自动化信息泄露漏洞 | Important |
| Windows Online Certificate Status Protocol (OCSP) SnapIn | CVE-2023-35323 | Windows OLE 远程执行代码漏洞 | Important |
| Windows Online Certificate Status Protocol (OCSP) SnapIn | CVE-2023-35313 | Windows 联机证书状态协议 (OCSP) 管理单元远程执行代码漏洞 | Important |
| Windows Partition Management Driver | CVE-2023-33154 | Windows 分区管理驱动程序特权提升漏洞 | Important |
| Windows Peer Name Resolution Protocol | CVE-2023-35338 | Windows 对等名称解析协议拒绝服务漏洞 | Important |
| Windows Print Spooler Components | CVE-2023-35325 | Windows 打印后台处理程序信息泄露漏洞 | Important |
| Windows Remote Desktop | CVE-2023-32043 | Windows 远程桌面安全功能绕过漏洞 | Important |
| Windows Remote Desktop | CVE-2023-35332 | Windows 远程桌面协议安全功能绕过 | Important |
| Windows Remote Procedure Call | CVE-2023-35300 | 远程过程调用运行时远程执行代码漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33168 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33173 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33172 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-32035 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33166 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-32034 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33167 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33169 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-35318 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-33164 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-35319 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-35316 | 远程过程调用运行时信息泄露漏洞 | Important |
| Windows Remote Procedure Call | CVE-2023-35314 | 远程过程调用运行时拒绝服务漏洞 | Important |
| Windows Server Update Service | CVE-2023-35317 | Windows Server Update Service (WSUS) 特权提升漏洞 | Important |
| Windows Server Update Service | CVE-2023-32056 | Windows Server Update Service (WSUS) 特权提升漏洞 | Important |
| Windows SmartScreen | CVE-2023-32049 | Windows SmartScreen安全功能绕过漏洞 | Important |
| Windows SPNEGO Extended Negotiation | CVE-2023-35330 | Windows 扩展协商拒绝服务漏洞 | Important |
| Windows Transaction Manager | CVE-2023-35328 | Windows 事务管理器特权提升漏洞 | Important |
| Windows Update Orchestrator Service | CVE-2023-32041 | Windows 更新业务流程协调程序服务信息泄露漏洞 | Important |
| Windows VOLSNAP.SYS | CVE-2023-35312 | Microsoft VOLSNAP.SYS特权提升漏洞 | Important |
| Windows Volume Shadow Copy | CVE-2023-32054 | 卷影副本特权提升漏洞 | Important |
| Windows Win32K | CVE-2023-35337 | Win32k 特权提升漏洞 | Important |
| Windows Certificates | ADV230001 | 关于恶意使用Microsoft签名驱动程序的指南 | None |
声明
本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。
绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。