一、漏洞概述
9月14日,绿盟科技CERT监测到微软发布9月安全更新补丁,修复了63个安全问题,涉及Windows TCP/IP、.NET Framework、Windows Print Spooler Components、Windows LDAP等广泛使用的产品,其中包括权限提升、远程代码执行等高危漏洞类型。
本月微软月度更新修复的漏洞中,严重程度为关键(Critical)的漏洞有5个,重要(Important)漏洞有58个,其中包括2个0day漏洞:
Windows Common Log File System Driver权限提升漏洞(CVE-2022-37969)
缓存推测限制漏洞(Arm)(CVE-2022-23960)
请相关用户尽快更新补丁进行防护,完整漏洞列表请参考附录。
绿盟远程安全评估系统(RSAS)已具备微软此次补丁更新中大部分漏洞的检测能力(包括CVE-2022-37969、CVE-2022-34718、CVE-2022-34721、CVE-2022-34722、CVE-2022-34729等高危漏洞),请相关用户关注绿盟远程安全评估系统系统插件升级包的更新,及时升级至V6.0R02F01.2812,官网链接:http://update.nsfocus.com/update/listRsasDetail/v/vulsys
参考链接:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep
二、重点漏洞简述
根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞,请相关用户重点进行关注:
- Windows Common Log File System Driver权限提升漏洞(CVE-2022-37969):
通用日志文件系统(CLFS)中存在权限提升漏洞,由于common log file system driver中的应用程序未实行正确的安全限制,具有低权限的本地攻击者通过利用该漏洞绕过安全限制,从而在目标系统上提升至SYSTEM权限并执行任意代码。该漏洞已被公开披露,且存在在野利用,CVSS评分为7.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/ch-ZN/vulnerability/CVE-2022-37969
- 缓存推测限制漏洞(Arm)(CVE-2022-23960):
由于Arm Cortex和Neoverse处理器未针对缓存推测实行正确限制,在特定配置条件下,经过身份验证的本地攻击者成功利用该漏洞可获取系统敏感信息,该漏洞已被公开披露。
官方通告链接:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23960
- Windows TCP/IP远程代码执行漏洞(CVE-2022-34718):
Windows TCP/IP存在远程代码执行漏洞,由于Windows TCP/IP未对用户输入的数据进行充分验证,未经身份验证的远程攻击者通过发送特制的IPv6数据包,最终导致在目标系统上任意执行代码。微软官方表示,只有运行IPSec服务的系统才可能受到该漏洞攻击。CVSS评分为9.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718
- Microsoft Dynamics CRM (on-premises) 远程代码执行漏洞(CVE-2022-34700/CVE-2022-35805):
Microsoft Dynamics CRM (on-premises)中存在远程代码执行漏洞,由于Dynamics CRM未对用户输入的数据进行充分过滤,经过身份验证的的远程攻击者通过发送特制请求,最终可实现在Dynamics 365数据库以db_owner权限任意执行命令,且无需用户交互。CVSS评分为8.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34700
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35805
- Windows Internet Key Exchange (IKE) Protocol Extensions远程代码执行漏洞(CVE-2022-34721/CVE-2022-34722):
由于IKE Protocol Extensions中的应用程序未实行正确的安全限制,未经身份验证的远程攻击者通过向启用IPSec服务的计算器发送特制的IP数据包,最终可实现在目标服务器上任意执行代码,且无需用户交互。CVSS评分为9.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722
- Windows Kernel权限提升漏洞(CVE-2022-37957):
Windows Kernel中存在权限提升漏洞,由于Windows Kernel未实行正确的安全限制,具有低权限的本地攻击者通过利用该漏洞绕过安全限制,从而在目标系统上提升至SYSTEM权限并执行任意代码,且无需用户交互。CVSS评分为7.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37957
- Windows GDI权限提升漏洞(CVE-2022-34729):
Windows GDI存在权限提升漏洞,由于Windows GDI未实行正确的安全限制,具有低权限的本地攻击者通过利用该漏洞绕过安全限制,从而在目标系统上提升至SYSTEM权限并执行任意代码,且无需用户交互。CVSS评分为7.8。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729
- Windows ALPC 权限提升漏洞(CVE-2022-34725):
Windows ALPC存在权限提升漏洞,由于Windows ALPC的安全限制存在缺陷,在特定的配置环境中,具有低权限的本地攻击者通过利用该漏洞绕过安全限制,从而在目标系统上提升至SYSTEM权限并执行任意代码,且无需用户交互。CVSS评分为7.0。
官方通告链接:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34725
三、影响范围
以下为重点关注漏洞的受影响产品版本,其他漏洞影响产品范围请参阅官方通告链接。
漏洞编号 | 受影响产品版本 |
CVE-2022-37969 | Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2022-34718 | Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2022-34700
CVE-2022-35805 |
Microsoft Dynamics CRM (on-premises) 9.1
Microsoft Dynamics CRM (on-premises) 9.0 |
CVE-2022-34721
CVE-2022-34722 |
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems |
CVE-2022-34724 | Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
CVE-2022-37957 | Windows Server 2022 (Server Core installation)
Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 11 for x64-based Systems Windows 11 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems |
CVE-2022-34729 | Windows Server 2022 Azure Edition Core Hotpatch
Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 11 for x64-based Systems Windows 11 for ARM64-based Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems |
CVE-2022-34725 | Windows Server 2022 Azure Edition Core Hotpatch
Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 11 for x64-based Systems Windows 11 for ARM64-based Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems |
四、漏洞防护
- 补丁更新
目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护,官方下载链接:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep
注:由于网络问题、计算机环境问题等原因,Windows Update的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。
右键点击Windows图标,选择“设置(N)”,选择“更新和安全”-“Windows更新”,查看该页面上的提示信息,也可点击“查看更新历史记录”查看历史更新情况。
针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面,建议用户点击该页面上的链接,转到“Microsoft更新目录”网站下载独立程序包并安装。
附录:漏洞列表
影响产品 | CVE编号 | 漏洞标题 | 严重程度 |
Microsoft Dynamics CRM | CVE-2022-34700 | Microsoft Dynamics 365 (on-premises)远程代码执行漏洞 | Critical |
Microsoft Dynamics CRM | CVE-2022-35805 | Microsoft Dynamics 365 (on-premises)远程代码执行漏洞 | Critical |
Windows | CVE-2022-34721 | Windows Internet Key Exchange (IKE)协议扩展远程代码执行漏洞 | Critical |
Windows | CVE-2022-34722 | Windows Internet Key Exchange (IKE)协议扩展远程代码执行漏洞 | Critical |
Windows | CVE-2022-34718 | Windows TCP/IP远程代码执行漏洞 | Critical |
Windows | CVE-2022-37969 | Microsoft Exchange Server 远程代码执行漏洞 | Important |
Windows | CVE-2022-23960 * | CVE-2022-23960缓存投机限制漏洞 | Important |
Microsoft Visual Studio | CVE-2022-38013 | .NET Core和Visual Studio拒绝服务漏洞 | Important |
Microsoft .NET Framework | CVE-2022-26929 | .NET框架远程代码执行漏洞 | Important |
AV1 Video Extension | CVE-2022-38019 | AV1视频扩展远程代码执行漏洞 | Important |
Azure | CVE-2022-38007 | Azure Guest配置和Azure arc支持的服务器特权提升漏洞 | Important |
Windows | CVE-2022-37954 | DirectX图形内核的特权提升漏洞 | Important |
Windows | CVE-2022-35838 | HTTP V3拒绝服务漏洞 | Important |
Microsoft Defender for Endpoint for Mac | CVE-2022-35828 | Microsoft Defender for Endpoint for Mac的特权提升漏洞 | Important |
Windows | CVE-2022-34726 | Microsoft ODBC驱动程序远程代码执行漏洞 | Important |
Windows | CVE-2022-34727 | Microsoft ODBC驱动程序远程代码执行漏洞 | Important |
Windows | CVE-2022-34730 | Microsoft ODBC驱动程序远程代码执行漏洞 | Important |
Windows | CVE-2022-34732 | Microsoft ODBC驱动程序远程代码执行漏洞 | Important |
Windows | CVE-2022-34734 | Microsoft ODBC驱动程序远程代码执行漏洞 | Important |
Microsoft Office | CVE-2022-37963 | Microsoft Office Visio远程代码执行漏洞 | Important |
Microsoft Office | CVE-2022-38010 | Microsoft Office Visio远程代码执行漏洞 | Important |
Windows | CVE-2022-34731 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Windows | CVE-2022-34733 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Windows | CVE-2022-35834 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Windows | CVE-2022-35835 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Windows | CVE-2022-35836 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Windows | CVE-2022-35840 | Microsoft OLE DB Provider for SQL Server远程代码执行漏洞 | Important |
Microsoft Office | CVE-2022-37962 | Microsoft PowerPoint远程代码执行漏洞 | Important |
Microsoft SharePoint | CVE-2022-35823 | Microsoft SharePoint远程代码执行漏洞 | Important |
Microsoft SharePoint Server | CVE-2022-37961 | Microsoft SharePoint Server远程代码执行漏洞 | Important |
Microsoft SharePoint Server | CVE-2022-38008 | Microsoft SharePoint Server远程代码执行漏洞 | Important |
Microsoft SharePoint Server | CVE-2022-38009 | Microsoft SharePoint Server远程代码执行漏洞 | Important |
Windows Server | CVE-2022-37959 | 网络设备注册服务(NDES)安全功能绕过漏洞 | Important |
Raw Image Extension | CVE-2022-38011 | 原始图像扩展远程代码执行漏洞 | Important |
Windows Server | CVE-2022-35830 | 远程过程调用运行时远程代码执行漏洞 | Important |
Windows | CVE-2022-37958 | SPNEGO扩展协商(NEGOEX)安全机制信息泄露漏洞 | Important |
Visual Studio Code | CVE-2022-38020 | Visual Studio代码特权提升漏洞 | Important |
Windows | CVE-2022-34725 | Windows ALPC特权提升漏洞 | Important |
Windows | CVE-2022-35803 | Windows通用日志文件系统驱动程序特权提升漏洞 | Important |
Windows | CVE-2022-30170 | Windows凭据漫游服务特权提升漏洞 | Important |
Windows | CVE-2022-34719 | Windows分布式文件系统(DFS)特权提升漏洞 | Important |
Windows Server | CVE-2022-34724 | Windows DNS服务器拒绝服务漏洞 | Important |
Windows | CVE-2022-34723 | Windows DPAPI(数据保护应用程序编程接口)信息泄露漏洞 | Important |
Windows | CVE-2022-35841 | Windows企业应用管理服务远程代码执行漏洞 | Important |
Windows | CVE-2022-35832 | Windows事件跟踪拒绝服务漏洞 | Important |
Windows | CVE-2022-38004 | Windows传真服务远程代码执行漏洞 | Important |
Windows | CVE-2022-34729 | Windows GDI特权提升漏洞 | Important |
Windows | CVE-2022-38006 | Windows图形组件信息泄露漏洞 | Important |
Windows | CVE-2022-34728 | Windows图形组件信息泄露漏洞 | Important |
Windows | CVE-2022-35837 | Windows图形组件信息泄露漏洞 | Important |
Windows | CVE-2022-37955 | Windows组策略特权提升漏洞 | Important |
Windows | CVE-2022-34720 | Windows Internet密钥交换(IKE)扩展拒绝服务漏洞 | Important |
Windows Server | CVE-2022-33647 | Windows Kerberos特权提升漏洞 | Important |
Windows Server | CVE-2022-33679 | Windows Kerberos特权提升漏洞 | Important |
Windows | CVE-2022-37956 | Windows内核特权提升漏洞 | Important |
Windows | CVE-2022-37957 | Windows内核特权提升漏洞 | Important |
Windows | CVE-2022-37964 | Windows内核特权提升漏洞 | Important |
Windows | CVE-2022-30200 | Windows轻型目录访问协议(LDAP)远程代码执行漏洞 | Important |
Windows | CVE-2022-26928 | Windows照片导入API特权提升漏洞 | Important |
Windows | CVE-2022-38005 | Windows打印后台程序特权提升漏洞 | Important |
Windows | CVE-2022-35831 | Windows远程访问连接管理器信息泄露漏洞 | Important |
Windows | CVE-2022-30196 | Windows安全通道拒绝服务漏洞 | Important |
Windows | CVE-2022-35833 | Windows安全通道拒绝服务漏洞 | Important |
声明
本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。
绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。